CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2313

Inter7 SqWebMail 3.4.1 through 3.6.1 generates different error messages for incorrect passwords versus correct passwords on non-mail-enabled accounts (such as root), which allows remote attackers to guess the root password via brute force attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.3%

CVSS Severity

CVSS v2 Score 5.0

References

http://www.securityfocus.com/archive/1/352317
http://www.securityfocus.com/bid/9541
https://exchange.xforce.ibmcloud.com/vulnerabilities/15058
http://www.securityfocus.com/archive/1/352317
http://www.securityfocus.com/bid/9541
https://exchange.xforce.ibmcloud.com/vulnerabilities/15058

Products affected by CVE-2004-2313

Inter7 » Sqwebmail » Version: 3.4.1

cpe:2.3:a:inter7:sqwebmail:3.4.1
Inter7 » Sqwebmail » Version: 3.5.0

cpe:2.3:a:inter7:sqwebmail:3.5.0
Inter7 » Sqwebmail » Version: 3.5.1

cpe:2.3:a:inter7:sqwebmail:3.5.1
Inter7 » Sqwebmail » Version: 3.5.2

cpe:2.3:a:inter7:sqwebmail:3.5.2
Inter7 » Sqwebmail » Version: 3.5.3

cpe:2.3:a:inter7:sqwebmail:3.5.3
Inter7 » Sqwebmail » Version: 3.6.0

cpe:2.3:a:inter7:sqwebmail:3.6.0
Inter7 » Sqwebmail » Version: 3.6.1

cpe:2.3:a:inter7:sqwebmail:3.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2313

Products

Pricing

Contact Us