PT-2019-18464 · Smartertools · Smartermail
Published
2019-04-24
·
Updated
2020-02-10
·
CVE-2019-7212
CVSS v3.1
8.2
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SmarterTools SmarterMail versions 16.x before build 6985
Description
The issue allows an unauthenticated attacker to access other users' emails and file attachments. It also enables interaction with mailing lists.
Recommendations
For versions 16.x before build 6985, update to build 6985 or later to resolve the issue.
Exploit
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Smartermail