Axigen Mail Server Security Vulnerabilities and Issues — Axigen Mail Server CVE List

Lucene search

AxigenAxigen Mail Server

3 matches found

CVE•added 2024/02/08 1:15 a.m.•65 views

CVE-2023-48974

Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter.

9.6CVSS8.9AI score0.06582EPSS

CVE•added 2023/01/13 4:15 a.m.•46 views

CVE-2023-23566

A 2-Step Verification problem in Axigen 10.3.3.52 allows an attacker to access a mailbox by bypassing 2-Step Verification when they try to add an account to any third-party webmail service (or add an account to Outlook or Gmail, etc.) with IMAP or POP3 without any verification code.

9.8CVSS9.2AI score0.00191EPSS

CVE•added 2024/03/21 2:36 a.m.•45 views

CVE-2020-26942

An issue discovered in Axigen Mail Server 10.3.x before 10.3.1.27 and 10.3.2.x before 10.3.3.1 allows unauthenticated attackers to submit a setAdminPassword operation request, subsequently setting a new arbitrary password for the admin account.

9.1CVSS7.2AI score0.00287EPSS