CVE-2011-3580
Published Sep 30, 2011
Last updated 7 years ago
Overview
- Description
- IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E11FB6B8-D2E7-4F76-B38C-FF90517A6EFF",
"versionEndIncluding": "10.3.2"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:9.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22B17040-1D48-4BCC-8AB8-CE275630AB92"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:9.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF60A80C-6148-4234-87F7-9E5226C05293"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:9.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC90647F-D741-436E-812D-950A0A69AE28"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:9.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7603560-8C55-4A46-BE89-BB2D03F5B111"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:9.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B56EBDA-600D-4091-BF31-717DAC195EBC"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:9.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E50E0941-3BDD-496A-A533-181C50C315AF"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE9442E4-0468-4FAD-8470-A89BB6DEF8EB"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D52315B-50BA-447A-85D2-1119CA464B78"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20816B82-986E-44F1-9188-34A1827231C5"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12060349-5779-435C-BDC9-4ECDA6277BA3"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D7BF916-C278-435C-8E8E-5F67BDC1DB48"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "99FE1579-35EC-4C6C-A63A-E3DBC0F7FD72"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A72083C1-0045-4929-B705-0610C5E0CA17"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5316DDD8-84F0-4F1B-8A6C-FFFAF78C0686"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75359877-B017-47A5-9ADE-9B9FDEBB3F1F"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64D4A427-889F-4928-B535-636A2A7D85AB"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51F02A0D-378E-4150-B105-B826B6AC1553"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3C8D192-0E1A-4379-995A-B294E2FD1EB2"
},
{
"criteria": "cpe:2.3:a:icewarp:mail_server:10.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2ADA889-C52D-4C80-96EB-834489654614"
}
],
"operator": "OR"
}
]
}
]