PT-2023-18391 · M-Filter · M-Filter
Published
2023-01-17
·
Updated
2023-01-25
·
CVE-2023-22278
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
m-FILTER versions prior to 5.70R01 (Ver.5 Series)
m-FILTER versions prior to 4.87R04 (Ver.4 Series)
Description
The issue allows a remote unauthenticated attacker to bypass authentication and send users' unintended email when email is being sent under certain conditions. Attacks exploiting this issue have been observed.
Recommendations
For m-FILTER versions prior to 5.70R01 (Ver.5 Series), update to version 5.70R01 or later.
For m-FILTER versions prior to 4.87R04 (Ver.4 Series), update to version 4.87R04 or later.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
M-Filter