Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.7
CVSSv3

CVE-2018-3815

Published: 08/01/2018 Updated: 03/10/2019
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.7 | Impact Score: 3.6 | Exploitability Score: 2.1
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Communigate Pro

Vulnerability Summary

The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) protocol implementation in CommuniGate Pro (CGP) 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated malicious user to send a message from any source email address. The attack uses an HTTP POST request to a /Session URI, and interchanges the XML From and To elements.

Vulnerable Product Search on Vulmon Subscribe to Product

stalker communigate pro 6.2

Exploits

Exploit DB: CommuniGatePro 6.2 Missing XIMSS Tag Validation
CommunigatePro XML Interface to Messaging, Scheduling, and Signaling protocol ("XIMSS") version 62 suffers from a missing XIMSS protocol validation vulnerability that can lead to an email spoofing attack ...

References

CWE-287https://packetstormsecurity.com/files/145724/communigatepro62-spoofhttps://nvd.nist.govhttps://packetstormsecurity.com/files/145724/CommuniGatePro-6.2-Missing-XIMSS-Tag-Validation.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2024-34413CVE-2024-34089CVE-2024-33408localSQLCVE-2024-0402CVE-2024-33910CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook