Published: 11/06/2020 Updated: 22/06/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

An issue exists in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 up to and including 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 up to and including 3.1.1-0. A Diffie-Hellman parameter of insufficient size could allow man-in-the-middle compromise of communications between CipherMail products and external SMTP clients.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ciphermail gateway
ciphermail webmail messenger

CipherMail Community Virtual Appliance version 462 suffers from remote command execution and file injection vulnerabilities ...

CWE-326 https://www.ciphermail.com/secure-webmail.html https://www.ciphermail.com/gateway.html https://packetstormsecurity.com/files/158001/CipherMail-Community-Virtual-Appliance-4.6.2-Code-Execution.html https://www.coresecurity.com/core-labs/advisories/ciphermail-multiple-vulnerabilities https://www.ciphermail.com/news.html https://www.ciphermail.com/blog/ciphermail-cve-2020-12713_2020-12714.html https://nvd.nist.gov https://packetstormsecurity.com/files/158001/CipherMail-Community-Virtual-Appliance-4.6.2-Code-Execution.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-12714

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect