Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-28374
HistoryMar 15, 2021 - 4:51 a.m.

CVE-2021-28374

2021-03-1504:51:56
mitre
www.cve.org
5
debian
courier-authlib
weak permissions
user information
cleartext passwords
directory

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

59.9%

JSON

The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. This may include a cleartext password in some configurations. In general, it includes the user’s existence, uid and gids, home and/or Maildir directory, quota, and some type of password information (such as a hash).

Related

nvd 1
cve 1
debiancve 1
openvas 1
osv 1
prion 1
ubuntucve 1
debian 1
veracode 1
nessus 1
nvd
nvd
CVE-2021-28374
2021-03-15 05:15:12
cve
cve
CVE-2021-28374
2021-03-15 05:15:12
debiancve
debiancve
CVE-2021-28374
2021-03-15 05:15:12
openvas
openvas
Debian: Security Advisory (DLA-2625-1)
2021-04-15 00:00:00
osv
osv
courier-authlib - security update
2021-04-14 00:00:00
prion
prion
Design/Logic Flaw
2021-03-15 05:15:00
ubuntucve
ubuntucve
CVE-2021-28374
2021-03-15 00:00:00
debian
debian
[SECURITY] [DLA 2625-1] courier-authlib security update
2021-04-14 06:46:50
veracode
veracode
Information Disclosure
2021-03-16 00:18:08
nessus
nessus
Debian DLA-2625-1 : courier-authlib security update
2021-04-15 00:00:00

AI Score

7.6

Confidence

High

EPSS

0.002

Percentile

59.9%

JSON
Related for CVELIST:CVE-2021-28374
nvd1cve1debiancve1openvas1osv1prion1ubuntucve1debian1veracode1nessus1