PT-2023-19046 · Microsoft+1 · Outlook+1
Soheil Samanabadi · Published 2023-01-13 · Updated 2025-04-07 · CVE-2023-23566
CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Axigen version 10.3.3.52
Description
A 2-Step Verification issue allows an attacker to access a mailbox by bypassing 2-Step Verification: when the account is added to any third-party webmail service over IMAP or POP3, no verification code is requested. This can occur when adding an account to services like Outlook or Gmail.
Recommendations
For Axigen version 10.3.3.52, consider disabling the IMAP and POP3 services until a patch is available to prevent bypassing 2-Step Verification. Restrict the ability to add accounts to third-party webmail services to minimize the risk of exploitation.
Fix
Incorrect Default Permissions
Weakness Enumeration
Related Identifiers
Affected Products
Gmail
Outlook