CVE-2019-7212

2019-04-2414:43:02

mitre

www.cve.org

AI Score

8.3

Confidence

High

EPSS

0.003

Percentile

65.5%

JSON

SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys. An unauthenticated attacker could access other users’ emails and file attachments. It was also possible to interact with mailing lists.

References

www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-smartermail/

www.smartertools.com/smartermail/release-notes/current