Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2021-38373

Related Vulnerabilities: CVE-2021-38373  

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

Source

Description

The MITRE CVE dictionary describes this issue as:

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

Additional Information

  • Bugzilla 1995180: CVE-2021-38373 kmail: STARTTLS is ignored when "Server requires authentication" not checked in UI
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • FAQ: Frequently asked questions about CVE-2021-38373

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started