PT-2019-7730 · Imapfilter+2 · Imapfilter+2

Asentierio

Publicado

2019-09-08

Atualizado

2023-02-16

CVE-2016-10937

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions IMAPFilter versions prior to 2.6.13

Description The issue is related to the failure of IMAPFilter to validate the hostname in an SSL certificate. This could potentially lead to security issues, but specific details about the estimated number of affected devices or real-world incidents are not provided.

Recommendations For IMAPFilter versions prior to 2.6.13, update to version 2.6.13 or later to resolve the issue. As a temporary workaround, consider disabling SSL certificate validation until a patch is available, but this is not recommended due to the potential security risks. Restrict access to sensitive information to minimize the risk of exploitation.

Correção

Improper Certificate Validation

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-295

Identificadores relacionados

ALT-PU-2021-1130

ALT-PU-2021-1203

CVE-2016-10937

DLA-1976-1

OPENSUSE-SU-2020:0673-1

OPENSUSE-SU-2020:0765-1

OPENSUSE-SU-2020_0673-1

Produtos afetados

Alt Linux

Imapfilter

Suse

PT-2019-7730 · Imapfilter+2 · Imapfilter+2

CVE-2016-10937

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 22