Vulnerability Description
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to login to the Management page and change the configuration.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Neo | Debun Imap | <= 3.3i_r4.0 |
| Neo | Debun Pop | <= 3.3p_r4.0 |
Related Weaknesses (CWE)
References
- http://jvn.jp/en/jp/JVN00344155/index.htmlThird Party Advisory
- https://www.denbun.com/en/imap/support/security/181003.htmlVendor Advisory
- https://www.denbun.com/en/pop/support/security/181003.htmlVendor Advisory
- http://jvn.jp/en/jp/JVN00344155/index.htmlThird Party Advisory
- https://www.denbun.com/en/imap/support/security/181003.htmlVendor Advisory
- https://www.denbun.com/en/pop/support/security/181003.htmlVendor Advisory
FAQ
What is CVE-2018-0681?
CVE-2018-0681 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) uses hard-coded credentials, which may allow remote attackers to login to the Management...
How severe is CVE-2018-0681?
CVE-2018-0681 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-0681?
Check the references section above for vendor advisories and patch information. Affected products include: Neo Debun Imap, Neo Debun Pop.