Описание
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP.
Ссылки
- PatchVendor Advisory
- Patch
- Patch
- PatchVendor Advisory
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:inter7:vpopmail_\(vchkpw\):5.4.14:*:*:*:*:*:*:*
cpe:2.3:a:inter7:vpopmail_\(vchkpw\):5.4.15:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.012
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 19 лет назад
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows r ...
github
больше 3 лет назад
vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP.
EPSS
Процентиль: 77%
0.012
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other