Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2007-3275
HistoryJun 19, 2007 - 9:30 p.m.

CVE-2007-3275

2007-06-1921:30:00
CWE-255
mitre
web.nvd.nist.gov
31
mailwasher
server
ldap
active directory
auth
vulnerability
cve-2007-3275
nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

81.1%

JSON

MailWasher Server before 2.2.1, when used with LDAP or Active Directory (AD), does not properly handle blank passwords, which allows remote attackers to access an arbitrary user account and read the spam e-mail messages stored for that account, possibly related to the LoginCheck::doPost function in mwi/servlet/Login.cpp. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd
Node
mailwashermailwasher_serverRange2.2.0
VendorProductVersionCPE
mailwashermailwasher_server*cpe:2.3:a:mailwasher:mailwasher_server:*:*:*:*:*:*:*:*

Related

nvd 1
cvelist 1
prion 1
nvd
nvd
CVE-2007-3275
2007-06-19 21:30:00
cvelist
cvelist
CVE-2007-3275
2007-06-19 21:00:00
prion
prion
Information disclosure
2007-06-19 21:30:00

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

81.1%

JSON
Related for CVE-2007-3275
nvd1cvelist1prion1