imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
References
Configurations
Configuration 1 (hide)
|
History
07 Jun 2023, 13:59
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:gilles_lamiral:imapsync:*:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.564:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.53:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.547:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.518:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.516:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.567:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.542:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.525:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.554:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.500:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.504:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.558:*:*:*:*:*:*:* cpe:2.3:a:gilles_lamiral:imapsync:1.569:*:*:*:*:*:*:* |
cpe:2.3:a:imapsync_project:imapsync:1.53:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.569:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.518:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.554:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.558:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.567:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.508:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.564:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.516:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.525:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:*:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.547:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.504:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.500:*:*:*:*:*:*:* cpe:2.3:a:imapsync_project:imapsync:1.542:*:*:*:*:*:*:* |
Information
Published : 2014-04-18 22:14
Updated : 2024-02-04 18:35
NVD link : CVE-2014-2014
Mitre link : CVE-2014-2014
CVE.ORG link : CVE-2014-2014
JSON object : View
Products Affected
imapsync_project
- imapsync
CWE
CWE-255
Credentials Management Errors