Vulnerability Description
Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes ("//") after the server name.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Macallan | Mail Solution | 2.8.4.6_build_260 |
References
- http://secunia.com/advisories/10861
- http://securitytracker.com/id?1009030
- http://www.osvdb.org/3926
- http://www.securityfocus.com/bid/9646Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15194
- https://testzone.secunia.com/advisories/10861
- http://secunia.com/advisories/10861
- http://securitytracker.com/id?1009030
- http://www.osvdb.org/3926
- http://www.securityfocus.com/bid/9646Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15194
- https://testzone.secunia.com/advisories/10861
FAQ
What is CVE-2004-2071?
CVE-2004-2071 is a vulnerability with a CVSS score of 7.5 (HIGH). Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes ("//") after t...
How severe is CVE-2004-2071?
CVE-2004-2071 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2071?
Check the references section above for vendor advisories and patch information. Affected products include: Macallan Mail Solution.