5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
70.9%
Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which cookies may be disclosed.
A remote attacker could impersonate a user of Active! mail 2003. As a result, the user’s email could be viewed or configurations could be modified.
Update the Software
Update to the latest version according to the information provided by the vendor.
Change the Setting
For Active! mail 2003 Build 2003.0139.0911 and Build 2003.0139.0938, this vulnerability can be addressed by fixing the configuration file “system.cfg”.
For more information, refer to the vendor’s website.
The above products are affected by this vulnerability when used in a SSL (https) environment.