1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.1%
Active! mail provided by TransWARE is a webmail software. Active! mail contains an information disclosure vulnerability.
If the βexternal public interfaceβ is enabled, an attacker who can log into the server may obtain users credentials.
Restrict log-in to the server
Allow connections only from an administrator or trusted users.
Do not use the βexternal public interfaceβ function
Turn off the βexternal public interfaceβ if the function is not necessary.
For more information, refer to the information provided by the developer.