CVE-2018-0680

Опубликовано: 15 нояб. 2018

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to read/send mail or change the configuration.

Ссылки

http://jvn.jp/en/jp/JVN00344155/index.html
Third Party Advisory
https://www.denbun.com/en/imap/support/security/181003.html
Vendor Advisory
https://www.denbun.com/en/pop/support/security/181003.html
Vendor Advisory
http://jvn.jp/en/jp/JVN00344155/index.html
Third Party Advisory
https://www.denbun.com/en/imap/support/security/181003.html
Vendor Advisory
https://www.denbun.com/en/pop/support/security/181003.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:neo:debun_imap:*:*:*:*:*:*:*:*

Версия до 3.3i_r4.0 (включая)

cpe:2.3:a:neo:debun_pop:*:*:*:*:*:*:*:*

Версия до 3.3p_r4.0 (включая)

EPSS

Процентиль: 77%

0.0102

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-wr6g-9267-m7jv