Overview
- Description
- Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted".
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-310
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper_business_suite_i:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22D367E0-7BBF-4069-8BAF-22354D126362"
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper_business_suite_ii:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F701A23-4D0E-40D2-8CE9-3529346065F3"
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper_for_smtp:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11667D6A-A1BA-4FF4-BE5F-194A743167FE"
},
{
"criteria": "cpe:2.3:a:clearswift:mimesweeper_for_web:5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D98B72C-99E5-4980-8305-EF40C469C33F"
}
],
"operator": "OR"
}
]
}
]