CVE-2006-6964

Published Jan 29, 2007

Last updated 7 years ago

CVSS info 4.0

Overview

Description: MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA6DCAFE-CAC2-4B36-B3E1-FA2B490424EE"
          },
          {
            "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.71:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93A9222A-6F22-40BD-8411-69A90E8E46AA"
          },
          {
            "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F4AADE9-F3FB-4272-8026-58FC677D3F3F"
          },
          {
            "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9DD53801-B8F7-4AE8-BA2B-AC6297340CB5"
          },
          {
            "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.74:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9100CDEC-AD30-4CE0-9772-BF0524EDBB01"
          },
          {
            "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.75:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C88089AF-34E8-40DA-9F1A-48F50C6B8A6C"
          },
          {
            "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.76:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7FA2C5E-A638-485B-969E-445C7B88D1CD"
          },
          {
            "criteria": "cpe:2.3:a:mailenable:mailenable_professional:1.77:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80D3BFCC-4CF3-4FEB-844B-B6D092FCFD4E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References