Vulnerability Description
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) does not properly manage sessions, which allows remote attackers to read/send mail or change the configuration via unspecified vectors.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Neo | Debun Imap | <= 3.3i_r4.0 |
| Neo | Debun Pop | <= 3.3p_r4.0 |
References
- http://jvn.jp/en/jp/JVN00344155/index.htmlThird Party Advisory
- https://www.denbun.com/en/imap/support/security/181003.htmlVendor Advisory
- https://www.denbun.com/en/pop/support/security/181003.htmlVendor Advisory
- http://jvn.jp/en/jp/JVN00344155/index.htmlThird Party Advisory
- https://www.denbun.com/en/imap/support/security/181003.htmlVendor Advisory
- https://www.denbun.com/en/pop/support/security/181003.htmlVendor Advisory
FAQ
What is CVE-2018-0682?
CVE-2018-0682 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) does not properly manage sessions, which allows remote attackers to read/send mail or ch...
How severe is CVE-2018-0682?
CVE-2018-0682 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2018-0682?
Check the references section above for vendor advisories and patch information. Affected products include: Neo Debun Imap, Neo Debun Pop.