Описание
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections
Ссылки
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
- Patch
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- Broken Link
- Third Party AdvisoryVDB Entry
- Patch
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2.1 (исключая)
cpe:2.3:a:horms:perdition:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.00579
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-755
Связанные уязвимости
CVSS3: 5.9
ubuntu
около 6 лет назад
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections
CVSS3: 5.9
debian
около 6 лет назад
Perdition before 2.2 may have weak security when handling outbound con ...
CVSS3: 5.9
github
почти 4 года назад
Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections
EPSS
Процентиль: 68%
0.00579
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-755