Webmail Messenger Security Vulnerabilities and Issues — Webmail Messenger CVE List

CiphermailWebmail Messenger

3 matches found

CVE•added 2020/06/11 1:33 a.m.•94 views

CVE-2020-12713

CVE-2020-12713 affects CipherMail Community Gateway and Professional/Enterprise Gateway (versions 1.0.1–4.7.1-0) and CipherMail Webmail Messenger (1.1.1–3.1.1-0). Red Hat and NVD references confirm a privilege-escalation flaw enabling attackers with administrative access to the web interface to e...

9CVSS7.1AI score0.02626EPSS

CVE•added 2020/06/11 1:46 a.m.•93 views

CVE-2020-12714

CVE-2020-12714 affects CipherMail Community Gateway and related Virtual Appliances (versions 1.0.1–4.7.1-0) and CipherMail Webmail Messenger (1.1.1–3.1.1-0). The issue is insufficient Diffie-Hellman key size, enabling a man-in-the-middle compromise of communications with external SMTP clients. Re...

5.9CVSS6.1AI score0.02626EPSS

CVE•added 2022/04/26 5:49 p.m.•58 views

CVE-2022-28218

CipherMail Webmail Messenger versions 1.1.1–4.1.4 are affected by a local-attack vulnerability where secret keys stored in the Roundcube configuration file, used to protect Webmail user passwords and 2FA, can be accessed by an attacker with local access. This exposes confidentiality of credential...

5.5CVSS5.5AI score0.0024EPSS