Описание
An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 through 3.1.1-0. Attackers with administrative access to the web interface have multiple options to escalate their privileges to the Unix root account.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- PatchVendor Advisory
- ProductVendor Advisory
- Release NotesVendor Advisory
- ProductVendor Advisory
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- PatchVendor Advisory
- ProductVendor Advisory
- Release NotesVendor Advisory
- ProductVendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.0.1 (включая) до 4.7.1-0 (включая)Версия от 1.1.1 (включая) до 3.1.1-0 (включая)
Одно из
cpe:2.3:a:ciphermail:gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:ciphermail:webmail_messenger:*:*:*:*:*:*:*:*
EPSS
Процентиль: 83%
0.01981
Низкий
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-269
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 through 3.1.1-0. Attackers with administrative access to the web interface have multiple options to escalate their privileges to the Unix root account.
EPSS
Процентиль: 83%
0.01981
Низкий
7.2 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-269