Описание
Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*
cpe:2.3:a:clearswift_limited:mailsweeper:4.3.6_sp1:*:smtp:*:*:*:*:*
EPSS
Процентиль: 47%
0.00238
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove.
EPSS
Процентиль: 47%
0.00238
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other