Vulnerability Description
Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web form.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ipswitch | Imail | 6.0.2 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0076.htmlVendor Advisory
- http://www.ipswitch.com/Support/IMail/news.html
- http://www.securityfocus.com/bid/3429
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0076.htmlVendor Advisory
- http://www.ipswitch.com/Support/IMail/news.html
- http://www.securityfocus.com/bid/3429
FAQ
What is CVE-2001-1281?
CVE-2001-1281 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change information for other users by modifying the olduser parameter in the "Change User Information" web...
How severe is CVE-2001-1281?
CVE-2001-1281 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1281?
Check the references section above for vendor advisories and patch information. Affected products include: Ipswitch Imail.