Vulnerability Description
GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Groupwise | 5.5 |
References
- http://support.novell.com/padlock/details.htmPatchVendor Advisory
- http://www.securityfocus.com/archive/1/204672PatchVendor Advisory
- http://www.securityfocus.com/bid/3189
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6998
- http://support.novell.com/padlock/details.htmPatchVendor Advisory
- http://www.securityfocus.com/archive/1/204672PatchVendor Advisory
- http://www.securityfocus.com/bid/3189
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6998
FAQ
What is CVE-2001-1231?
CVE-2001-1231 is a vulnerability with a CVSS score of 5.0 (MEDIUM). GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addre...
How severe is CVE-2001-1231?
CVE-2001-1231 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1231?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Groupwise.