Lucene search
PRIOn knowledge basePRION:CVE-2019-12924HistoryJul 08, 2019 - 9:15 p.m.
Xxe
2019-07-0821:15:00
PRIOn knowledge base
www.prio-n.com
6
MailEnable Enterprise Premium 10.23 was vulnerable to XML External Entity Injection (XXE) attacks that could be exploited by an unauthenticated user. It was possible for an attacker to use a vulnerability in the configuration of the XML processor to read any file on the host system. Because all credentials were stored in a cleartext file, it was possible to steal all users’ credentials (including the highest privileged users).
| CPE | Name | Operator | Version |
|---|---|---|---|
| mailenable | ge | 6.0 | |
| mailenable | lt | 6.90 | |
| mailenable | ge | 7.0 | |
| mailenable | lt | 7.62 | |
| mailenable | ge | 8.00 | |
| mailenable | lt | 8.64 | |
| mailenable | ge | 9.0 | |
| mailenable | lt | 9.83 | |
| mailenable | ge | 10.00 | |
| mailenable | lt | 10.24 |
Related
cvelist
cvelist
CVE-2019-12924
2019-07-08 21:00:00
cve
cve
CVE-2019-12924
2019-07-08 21:15:10
nvd
nvd
CVE-2019-12924
2019-07-08 21:15:10
myhack58
myhack58