CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
92.7%
Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as “Clean” instead of “Encrypted”.
Vendor | Product | Version | CPE |
---|---|---|---|
clearswift | mailsweeper_business_suite_i | * | cpe:2.3:a:clearswift:mailsweeper_business_suite_i:*:*:*:*:*:*:*:* |
clearswift | mailsweeper_business_suite_ii | * | cpe:2.3:a:clearswift:mailsweeper_business_suite_ii:*:*:*:*:*:*:*:* |
clearswift | mailsweeper_for_smtp | 4.3 | cpe:2.3:a:clearswift:mailsweeper_for_smtp:4.3:*:*:*:*:*:*:* |
clearswift | mimesweeper_for_web | 5.0.5 | cpe:2.3:a:clearswift:mimesweeper_for_web:5.0.5:*:*:*:*:*:*:* |