CVE-2021-38373

Опубликовано: 09 авг. 2021

Источник: redhat

CVSS3: 6.5

Описание

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	kdepim	Out of support scope
Red Hat Enterprise Linux 6	kdepim3	Out of support scope
Red Hat Enterprise Linux 7	kdepim	Out of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=1995180kmail: STARTTLS is ignored when "Server requires authentication" not checked in UI

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2021-38373

CVSS3: 5.3

ubuntu

больше 4 лет назад

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

CVE-2021-38373

CVSS3: 5.3

nvd

больше 4 лет назад

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

CVE-2021-38373

CVSS3: 5.3

debian

больше 4 лет назад

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not hon ...

GHSA-rc8g-gfxp-864v

github

больше 3 лет назад

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

6.5 Medium

CVSS3