Описание
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
Ссылки
- Third Party Advisory
- MitigationVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingMitigationVendor Advisory
- Third Party Advisory
- MitigationVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingMitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.87 (включая)
cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01678
Низкий
5.9 Medium
CVSS3
2.6 Low
CVSS2
Дефекты
CWE-320
Связанные уязвимости
CVSS3: 5.9
ubuntu
около 9 лет назад
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
CVSS3: 5.3
redhat
около 9 лет назад
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
CVSS3: 5.9
debian
около 9 лет назад
Exim before 4.87.1 might allow remote attackers to obtain the private ...
CVSS3: 5.9
github
больше 3 лет назад
Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages.
EPSS
Процентиль: 82%
0.01678
Низкий
5.9 Medium
CVSS3
2.6 Low
CVSS2
Дефекты
CWE-320