PT-2020-12859 · Mailstore · Email Archive Outlook Add-In+1

Published

2020-04-23

Updated

2020-05-01

CVE-2020-11806

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions MailStore Outlook Add-in versions prior to 12.1.3 Email Archive Outlook Add-in versions prior to 12.1.3

Description The login process in the affected software does not validate the validity of the certificate presented by the server. This issue affects the login process, potentially allowing unauthorized access.

Recommendations For MailStore Outlook Add-in versions prior to 12.1.3, update to version 12.1.3 or later to resolve the issue. For Email Archive Outlook Add-in versions prior to 12.1.3, update to version 12.1.3 or later to resolve the issue.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2020-11806

Affected Products

Email Archive Outlook Add-In

Mailstore Outlook Add-In

PT-2020-12859 · Mailstore · Email Archive Outlook Add-In+1

CVE-2020-11806

Weakness Enumeration

Related Identifiers

Affected Products

References · 4