CVE-2011-1506

The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and MailServer 6.x does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. NOTE: some of these details are obtained from third party information.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/43678	Vendor Advisory
http://www.kb.cert.org/vuls/id/555316	US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8D9M4P	US Government Resource
http://www.securityfocus.com/bid/46767
http://www.vupen.com/english/advisories/2011/0610	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/65932
http://secunia.com/advisories/43678	Vendor Advisory
http://www.kb.cert.org/vuls/id/555316	US Government Resource
http://www.kb.cert.org/vuls/id/MAPG-8D9M4P	US Government Resource
http://www.securityfocus.com/bid/46767
http://www.vupen.com/english/advisories/2011/0610	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/65932

Configurations

Configuration 1 (hide)

cpe:2.3:a:kerio:connect:7.1.4:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:kerio:kerio_mailserver:5.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.1.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.6.3:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.6.4:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.6.5:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.3:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.4:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.5:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.6:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.7:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.8:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.9:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:5.7.10:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.3:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.4:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.5:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.6:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.7:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.8:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.9:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.0.10:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.1.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.1.2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.1.3:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.1.3_patch_1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.1.4:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.2.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.2.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.2.2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.3.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.3.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.3.1_p1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.3.1_p2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.4.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.4.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.4.2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.5.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.5.0:patch_1::::::
	cpe:2.3:a:kerio:kerio_mailserver:6.5.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.5.2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.6.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.6.0:patch_1::::::
	cpe:2.3:a:kerio:kerio_mailserver:6.6.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.6.2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.7.0:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.7.1:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.7.2:::::::*
	cpe:2.3:a:kerio:kerio_mailserver:6.7.3:::::::*

History

21 Nov 2024, 01:26

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/43678 - Vendor Advisory~~	() http://secunia.com/advisories/43678 - Vendor Advisory
References	~~() http://www.kb.cert.org/vuls/id/555316 - US Government Resource~~	() http://www.kb.cert.org/vuls/id/555316 - US Government Resource
References	~~() http://www.kb.cert.org/vuls/id/MAPG-8D9M4P - US Government Resource~~	() http://www.kb.cert.org/vuls/id/MAPG-8D9M4P - US Government Resource
References	~~() http://www.securityfocus.com/bid/46767 -~~	() http://www.securityfocus.com/bid/46767 -
References	~~() http://www.vupen.com/english/advisories/2011/0610 - Vendor Advisory~~	() http://www.vupen.com/english/advisories/2011/0610 - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/65932 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/65932 -

Information

Published : 2011-03-22 17:55

Updated : 2025-04-11 00:51

NVD link : CVE-2011-1506

Mitre link : CVE-2011-1506

CVE.ORG link : CVE-2011-1506

JSON object : View

Products Affected

kerio

kerio_mailserver
connect

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2011-1506", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-03-22T17:55:04.377", "references": [{"url": "http://secunia.com/advisories/43678", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/555316", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/MAPG-8D9M4P", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/46767", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0610", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/43678", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/555316", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/MAPG-8D9M4P", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/46767", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2011/0610", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65932", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and MailServer 6.x does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a \"plaintext command injection\" attack, a similar issue to CVE-2011-0411. NOTE: some of these details are obtained from third party information."}, {"lang": "es", "value": "La implementaci\u00f3n STARTTLS en Kerio Connect v7.1.4 build 2985 y MailServer v6.x no restringe de forma adecuada el b\u00fafer I/O, lo que permite atacantes \"man-in-the-middle\" insertar comandos en las sesiones SMTP cifrado mediante el env\u00edo de un comando de texto plano que se procesa despu\u00e9s de TLS en su lugar, en relaci\u00f3n con un ataque \"inyecci\u00f3n de comandos de texto claro\", un problema similar a CVE-2011-0411. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:kerio:connect:7.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5E56E9A-B68C-4E87-8CBF-73AD60794AAC"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7D26DCD-85B0-4908-A414-119862437C28"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B58BAF1-CF68-4F8C-8BCD-FF3C015FE72A"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B9C9084-B518-44F2-9F65-032A644FEC61"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F55CFA68-E07E-46CE-87F6-00AE9A268CE2"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58ECCE69-EAB9-427E-8922-F463E184C9F7"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20E50A0F-7AFF-4F17-8833-839DDBD538C7"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9063B23B-E585-41E4-98FF-DF18602C6E6E"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CB993B9-0CF5-4E71-A612-F3033F4F202B"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B079207-FAF3-4FE2-B420-342440958C48"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A82C0BC-50D5-4FAC-A654-387B49CB7047"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BC1748E-32F0-4144-A597-89E8B8705FFA"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39C92F3B-23E3-4978-89AA-FC17B8EDF580"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B1FA201-CBCF-4D61-9848-F661A16EBEF7"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A2154DF-2306-4E8B-B78A-1BF20E697157"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79C4389A-4BF4-4C38-8FF5-72B92548EFB4"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67230E76-2C30-4038-BC5B-BAC02EDDFAC3"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:5.7.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAEA1EB3-5F4F-40D6-833C-225AC348760D"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC515E75-119E-4CB9-985E-00E6A9349178"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FA7CEE3-7D36-4F9D-8AC6-3F4C55D360CD"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "937A6092-48C9-4721-B069-0B46D3520E36"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38A0AAC-ACA8-44D3-B36A-741D01BE166F"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08AE0CAA-B5A4-4E3A-B997-A2858E88CCC8"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9AC0D46-2096-4006-8FED-A67AFCE2ED98"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F931B5E-6F02-48F6-8DAB-C0D796DFC2A2"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B391EF70-D407-4087-96CF-B925CA2799B1"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23D64B85-51A2-47BC-94A2-8C9980CC573D"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4AB197E-4F2E-4976-B6F7-17EB8A8BFBB1"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A8ADC9C-F49D-4CD2-B6DC-63552480646F"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "991FC66F-B9F7-4E67-9D90-E56DE26FD85F"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F343A3A1-1335-4785-B90E-3C62736A06B8"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5605CD2B-8607-446C-94C4-B539C2396FEA"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B88E6A90-0433-493B-9E68-D0809F8A7B98"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.1.3_patch_1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "402EE4C7-77D0-4C06-8407-9F69F4059890"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59830366-4CE8-44A2-9761-FB9226414A9B"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E119E7EB-F7FE-451E-8E7C-BBAB3849DF50"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B080E7F-7BA8-48A1-B0EC-16B3BE5B183F"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A75F2BE-8D1A-4022-823E-16BA42DA02DA"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF86DC55-8519-44D5-A7FD-77FA8B2651AB"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAC7A299-CD9D-4159-A6C5-40F72DA158B1"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.3.1_p1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83D02EC9-EF7F-4EBF-A053-1AE7DE164C06"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.3.1_p2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AE229C4-559F-4BB9-AF47-54C43AD03587"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45649E00-F6B4-4782-A989-D9D5E20FA75B"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "178E27A1-7A68-4298-96D8-540E0E77CDAA"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F30234CC-D865-4F1D-A4C7-FE6D050D2158"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "312EC630-9D21-4560-A57D-77D1704942C7"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.5.0:patch_1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4522E3BF-C7DC-4160-8841-7784C4C575BB"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB7D282B-ED68-45EB-912E-72F9E85DC23E"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "609DCDF8-437A-49B1-95FB-5E0ED30E0711"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CD16F9A-6CC4-4FB2-9441-768312DEBB87"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.6.0:patch_1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE8D55BD-7C1A-455C-8243-01632C0438F0"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64099B8F-F609-49D8-932E-8F4040AFFC75"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39FECD4F-3494-4EB7-A3AF-828E3D6DD5E3"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A59B047-22D1-4271-AA18-160536A1235F"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4106DB61-421B-4F41-8D65-23FE4B6696E5"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FEA2AB8-AFB6-4AB2-B358-BD76CDD6B9B4"}, {"criteria": "cpe:2.3:a:kerio:kerio_mailserver:6.7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "521CB164-8072-46CB-994E-6BC99863AB59"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

6.8 /10