Описание
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
Ссылки
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.4.22 (исключая)
cpe:2.3:a:fetchmail:fetchmail:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00182
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-319
Связанные уязвимости
CVSS3: 5.9
ubuntu
больше 4 лет назад
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
CVSS3: 5.9
redhat
больше 4 лет назад
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.
CVSS3: 5.9
msrc
почти 4 года назад
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances such as a certain situation with IMAP and PREAUTH.
CVSS3: 5.9
debian
больше 4 лет назад
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption i ...
EPSS
Процентиль: 40%
0.00182
Низкий
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-319