Vulnerability Details CVE-2014-2014
imapsync before 1.584, when running with the --tls option, attempts a cleartext login when a certificate verification failure occurs, which allows remote attackers to obtain credentials by sniffing the network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.2%
CVSS Severity
CVSS v2 Score 4.3
References
- http://seclists.org/oss-sec/2014/q1/367
- http://seclists.org/oss-sec/2014/q1/378
- http://www.linux-france.org/prj/imapsync_list/msg01907.html
- http://www.linux-france.org/prj/imapsync_list/msg01910.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:060
- https://bugs.mageia.org/show_bug.cgi?id=12770
- https://github.com/imapsync/imapsync/issues/15
- https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128293.html
- http://seclists.org/oss-sec/2014/q1/367
- http://seclists.org/oss-sec/2014/q1/378
- http://www.linux-france.org/prj/imapsync_list/msg01907.html
- http://www.linux-france.org/prj/imapsync_list/msg01910.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:060
- https://bugs.mageia.org/show_bug.cgi?id=12770
- https://github.com/imapsync/imapsync/issues/15
- https://lists.fedoraproject.org/pipermail/package-announce/2014-February/128293.html
Products affected by CVE-2014-2014
-
cpe:2.3:a:imapsync_project:imapsync:1.10
-
cpe:2.3:a:imapsync_project:imapsync:1.102
-
cpe:2.3:a:imapsync_project:imapsync:1.103
-
cpe:2.3:a:imapsync_project:imapsync:1.106
-
cpe:2.3:a:imapsync_project:imapsync:1.107
-
cpe:2.3:a:imapsync_project:imapsync:1.108
-
cpe:2.3:a:imapsync_project:imapsync:1.11
-
cpe:2.3:a:imapsync_project:imapsync:1.110
-
cpe:2.3:a:imapsync_project:imapsync:1.111
-
cpe:2.3:a:imapsync_project:imapsync:1.112
-
cpe:2.3:a:imapsync_project:imapsync:1.115
-
cpe:2.3:a:imapsync_project:imapsync:1.116
-
cpe:2.3:a:imapsync_project:imapsync:1.118
-
cpe:2.3:a:imapsync_project:imapsync:1.12
-
cpe:2.3:a:imapsync_project:imapsync:1.120
-
cpe:2.3:a:imapsync_project:imapsync:1.121
-
cpe:2.3:a:imapsync_project:imapsync:1.123
-
cpe:2.3:a:imapsync_project:imapsync:1.124
-
cpe:2.3:a:imapsync_project:imapsync:1.125
-
cpe:2.3:a:imapsync_project:imapsync:1.127
-
cpe:2.3:a:imapsync_project:imapsync:1.128
-
cpe:2.3:a:imapsync_project:imapsync:1.129
-
cpe:2.3:a:imapsync_project:imapsync:1.13
-
cpe:2.3:a:imapsync_project:imapsync:1.132
-
cpe:2.3:a:imapsync_project:imapsync:1.133
-
cpe:2.3:a:imapsync_project:imapsync:1.135
-
cpe:2.3:a:imapsync_project:imapsync:1.136
-
cpe:2.3:a:imapsync_project:imapsync:1.137
-
cpe:2.3:a:imapsync_project:imapsync:1.139
-
cpe:2.3:a:imapsync_project:imapsync:1.14
-
cpe:2.3:a:imapsync_project:imapsync:1.140
-
cpe:2.3:a:imapsync_project:imapsync:1.142
-
cpe:2.3:a:imapsync_project:imapsync:1.143
-
cpe:2.3:a:imapsync_project:imapsync:1.144
-
cpe:2.3:a:imapsync_project:imapsync:1.145
-
cpe:2.3:a:imapsync_project:imapsync:1.147
-
cpe:2.3:a:imapsync_project:imapsync:1.149
-
cpe:2.3:a:imapsync_project:imapsync:1.15
-
cpe:2.3:a:imapsync_project:imapsync:1.152
-
cpe:2.3:a:imapsync_project:imapsync:1.153
-
cpe:2.3:a:imapsync_project:imapsync:1.155
-
cpe:2.3:a:imapsync_project:imapsync:1.156
-
cpe:2.3:a:imapsync_project:imapsync:1.158
-
cpe:2.3:a:imapsync_project:imapsync:1.159
-
cpe:2.3:a:imapsync_project:imapsync:1.161
-
cpe:2.3:a:imapsync_project:imapsync:1.163
-
cpe:2.3:a:imapsync_project:imapsync:1.164
-
cpe:2.3:a:imapsync_project:imapsync:1.166
-
cpe:2.3:a:imapsync_project:imapsync:1.167
-
cpe:2.3:a:imapsync_project:imapsync:1.168
-
cpe:2.3:a:imapsync_project:imapsync:1.169
-
cpe:2.3:a:imapsync_project:imapsync:1.171
-
cpe:2.3:a:imapsync_project:imapsync:1.172
-
cpe:2.3:a:imapsync_project:imapsync:1.175
-
cpe:2.3:a:imapsync_project:imapsync:1.177
-
cpe:2.3:a:imapsync_project:imapsync:1.178
-
cpe:2.3:a:imapsync_project:imapsync:1.179
-
cpe:2.3:a:imapsync_project:imapsync:1.180
-
cpe:2.3:a:imapsync_project:imapsync:1.181
-
cpe:2.3:a:imapsync_project:imapsync:1.182
-
cpe:2.3:a:imapsync_project:imapsync:1.188
-
cpe:2.3:a:imapsync_project:imapsync:1.190
-
cpe:2.3:a:imapsync_project:imapsync:1.194
-
cpe:2.3:a:imapsync_project:imapsync:1.195
-
cpe:2.3:a:imapsync_project:imapsync:1.197
-
cpe:2.3:a:imapsync_project:imapsync:1.20
-
cpe:2.3:a:imapsync_project:imapsync:1.200
-
cpe:2.3:a:imapsync_project:imapsync:1.201
-
cpe:2.3:a:imapsync_project:imapsync:1.204
-
cpe:2.3:a:imapsync_project:imapsync:1.209
-
cpe:2.3:a:imapsync_project:imapsync:1.213
-
cpe:2.3:a:imapsync_project:imapsync:1.217
-
cpe:2.3:a:imapsync_project:imapsync:1.219
-
cpe:2.3:a:imapsync_project:imapsync:1.22
-
cpe:2.3:a:imapsync_project:imapsync:1.223
-
cpe:2.3:a:imapsync_project:imapsync:1.233
-
cpe:2.3:a:imapsync_project:imapsync:1.239
-
cpe:2.3:a:imapsync_project:imapsync:1.241
-
cpe:2.3:a:imapsync_project:imapsync:1.249
-
cpe:2.3:a:imapsync_project:imapsync:1.25
-
cpe:2.3:a:imapsync_project:imapsync:1.250
-
cpe:2.3:a:imapsync_project:imapsync:1.252
-
cpe:2.3:a:imapsync_project:imapsync:1.255
-
cpe:2.3:a:imapsync_project:imapsync:1.260
-
cpe:2.3:a:imapsync_project:imapsync:1.261
-
cpe:2.3:a:imapsync_project:imapsync:1.264
-
cpe:2.3:a:imapsync_project:imapsync:1.267
-
cpe:2.3:a:imapsync_project:imapsync:1.27
-
cpe:2.3:a:imapsync_project:imapsync:1.28
-
cpe:2.3:a:imapsync_project:imapsync:1.284
-
cpe:2.3:a:imapsync_project:imapsync:1.285
-
cpe:2.3:a:imapsync_project:imapsync:1.286
-
cpe:2.3:a:imapsync_project:imapsync:1.29
-
cpe:2.3:a:imapsync_project:imapsync:1.293
-
cpe:2.3:a:imapsync_project:imapsync:1.299
-
cpe:2.3:a:imapsync_project:imapsync:1.30
-
cpe:2.3:a:imapsync_project:imapsync:1.300
-
cpe:2.3:a:imapsync_project:imapsync:1.303
-
cpe:2.3:a:imapsync_project:imapsync:1.31
-
cpe:2.3:a:imapsync_project:imapsync:1.310
-
cpe:2.3:a:imapsync_project:imapsync:1.311
-
cpe:2.3:a:imapsync_project:imapsync:1.315
-
cpe:2.3:a:imapsync_project:imapsync:1.318
-
cpe:2.3:a:imapsync_project:imapsync:1.321
-
cpe:2.3:a:imapsync_project:imapsync:1.327
-
cpe:2.3:a:imapsync_project:imapsync:1.331
-
cpe:2.3:a:imapsync_project:imapsync:1.333
-
cpe:2.3:a:imapsync_project:imapsync:1.337
-
cpe:2.3:a:imapsync_project:imapsync:1.340
-
cpe:2.3:a:imapsync_project:imapsync:1.342
-
cpe:2.3:a:imapsync_project:imapsync:1.343
-
cpe:2.3:a:imapsync_project:imapsync:1.344
-
cpe:2.3:a:imapsync_project:imapsync:1.350
-
cpe:2.3:a:imapsync_project:imapsync:1.366
-
cpe:2.3:a:imapsync_project:imapsync:1.37
-
cpe:2.3:a:imapsync_project:imapsync:1.398
-
cpe:2.3:a:imapsync_project:imapsync:1.40
-
cpe:2.3:a:imapsync_project:imapsync:1.404
-
cpe:2.3:a:imapsync_project:imapsync:1.411
-
cpe:2.3:a:imapsync_project:imapsync:1.42
-
cpe:2.3:a:imapsync_project:imapsync:1.422
-
cpe:2.3:a:imapsync_project:imapsync:1.43
-
cpe:2.3:a:imapsync_project:imapsync:1.434
-
cpe:2.3:a:imapsync_project:imapsync:1.44
-
cpe:2.3:a:imapsync_project:imapsync:1.446
-
cpe:2.3:a:imapsync_project:imapsync:1.452
-
cpe:2.3:a:imapsync_project:imapsync:1.456
-
cpe:2.3:a:imapsync_project:imapsync:1.463
-
cpe:2.3:a:imapsync_project:imapsync:1.468
-
cpe:2.3:a:imapsync_project:imapsync:1.47
-
cpe:2.3:a:imapsync_project:imapsync:1.476
-
cpe:2.3:a:imapsync_project:imapsync:1.48
-
cpe:2.3:a:imapsync_project:imapsync:1.480
-
cpe:2.3:a:imapsync_project:imapsync:1.484
-
cpe:2.3:a:imapsync_project:imapsync:1.487
-
cpe:2.3:a:imapsync_project:imapsync:1.488
-
cpe:2.3:a:imapsync_project:imapsync:1.498
-
cpe:2.3:a:imapsync_project:imapsync:1.5
-
cpe:2.3:a:imapsync_project:imapsync:1.500
-
cpe:2.3:a:imapsync_project:imapsync:1.504
-
cpe:2.3:a:imapsync_project:imapsync:1.508
-
cpe:2.3:a:imapsync_project:imapsync:1.516
-
cpe:2.3:a:imapsync_project:imapsync:1.518
-
cpe:2.3:a:imapsync_project:imapsync:1.525
-
cpe:2.3:a:imapsync_project:imapsync:1.53
-
cpe:2.3:a:imapsync_project:imapsync:1.536
-
cpe:2.3:a:imapsync_project:imapsync:1.542
-
cpe:2.3:a:imapsync_project:imapsync:1.547
-
cpe:2.3:a:imapsync_project:imapsync:1.55
-
cpe:2.3:a:imapsync_project:imapsync:1.554
-
cpe:2.3:a:imapsync_project:imapsync:1.555
-
cpe:2.3:a:imapsync_project:imapsync:1.558
-
cpe:2.3:a:imapsync_project:imapsync:1.564
-
cpe:2.3:a:imapsync_project:imapsync:1.567
-
cpe:2.3:a:imapsync_project:imapsync:1.569
-
cpe:2.3:a:imapsync_project:imapsync:1.580
-
cpe:2.3:a:imapsync_project:imapsync:1.6
-
cpe:2.3:a:imapsync_project:imapsync:1.64
-
cpe:2.3:a:imapsync_project:imapsync:1.65
-
cpe:2.3:a:imapsync_project:imapsync:1.68
-
cpe:2.3:a:imapsync_project:imapsync:1.7
-
cpe:2.3:a:imapsync_project:imapsync:1.71
-
cpe:2.3:a:imapsync_project:imapsync:1.72
-
cpe:2.3:a:imapsync_project:imapsync:1.74
-
cpe:2.3:a:imapsync_project:imapsync:1.75
-
cpe:2.3:a:imapsync_project:imapsync:1.76
-
cpe:2.3:a:imapsync_project:imapsync:1.77
-
cpe:2.3:a:imapsync_project:imapsync:1.80
-
cpe:2.3:a:imapsync_project:imapsync:1.82
-
cpe:2.3:a:imapsync_project:imapsync:1.83
-
cpe:2.3:a:imapsync_project:imapsync:1.84
-
cpe:2.3:a:imapsync_project:imapsync:1.86
-
cpe:2.3:a:imapsync_project:imapsync:1.87
-
cpe:2.3:a:imapsync_project:imapsync:1.88
-
cpe:2.3:a:imapsync_project:imapsync:1.89
-
cpe:2.3:a:imapsync_project:imapsync:1.90
-
cpe:2.3:a:imapsync_project:imapsync:1.91
-
cpe:2.3:a:imapsync_project:imapsync:1.94
-
cpe:2.3:a:imapsync_project:imapsync:1.95
-
cpe:2.3:a:imapsync_project:imapsync:1.96
-
cpe:2.3:a:imapsync_project:imapsync:1.98
-
cpe:2.3:a:imapsync_project:imapsync:1.99