Lucene search

K
cve[email protected]CVE-2006-2346
HistoryMay 12, 2006 - 5:06 p.m.

CVE-2006-2346

2006-05-1217:06:00
NVD-CWE-Other
web.nvd.nist.gov
20
vpopmail
5.4.14
5.4.15
cleartext password
vulnerability
authentication
remote attackers

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.7%

vpopmail 5.4.14 and 5.4.15, with cleartext passwords enabled, allows remote attackers to authenticate to an account that does not have a cleartext password set by using a blank password to (1) SMTP AUTH or (2) APOP.

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.017 Low

EPSS

Percentile

87.7%

Related for CVE-2006-2346