Vulnerability Details CVE-2019-7212
SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret keys. An unauthenticated attacker could access other users’ emails and file attachments. It was also possible to interact with mailing lists.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.7%
CVSS Severity
CVSS v3 Score 8.2
CVSS v2 Score 6.4
References
- https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-smartermail/
- https://www.smartertools.com/smartermail/release-notes/current
- https://www.nccgroup.trust/uk/our-research/technical-advisory-multiple-vulnerabilities-in-smartermail/
- https://www.smartertools.com/smartermail/release-notes/current
Products affected by CVE-2019-7212
-
cpe:2.3:a:smartertools:smartermail:16.0.6345
-
cpe:2.3:a:smartertools:smartermail:16.0.6348
-
cpe:2.3:a:smartertools:smartermail:16.0.6362
-
cpe:2.3:a:smartertools:smartermail:16.0.6369
-
cpe:2.3:a:smartertools:smartermail:16.0.6376
-
cpe:2.3:a:smartertools:smartermail:16.0.6382
-
cpe:2.3:a:smartertools:smartermail:16.0.6390
-
cpe:2.3:a:smartertools:smartermail:16.0.6397
-
cpe:2.3:a:smartertools:smartermail:16.3.6663
-
cpe:2.3:a:smartertools:smartermail:16.3.6670
-
cpe:2.3:a:smartertools:smartermail:16.3.6677
-
cpe:2.3:a:smartertools:smartermail:16.3.6684
-
cpe:2.3:a:smartertools:smartermail:16.3.6691
-
cpe:2.3:a:smartertools:smartermail:16.3.6698
-
cpe:2.3:a:smartertools:smartermail:16.3.6705
-
cpe:2.3:a:smartertools:smartermail:16.3.6729
-
cpe:2.3:a:smartertools:smartermail:16.3.6733
-
cpe:2.3:a:smartertools:smartermail:16.3.6740
-
cpe:2.3:a:smartertools:smartermail:16.3.6744
-
cpe:2.3:a:smartertools:smartermail:16.3.6751
-
cpe:2.3:a:smartertools:smartermail:16.3.6754
-
cpe:2.3:a:smartertools:smartermail:16.3.6768
-
cpe:2.3:a:smartertools:smartermail:16.3.6775
-
cpe:2.3:a:smartertools:smartermail:16.3.6782
-
cpe:2.3:a:smartertools:smartermail:16.3.6795
-
cpe:2.3:a:smartertools:smartermail:16.3.6799
-
cpe:2.3:a:smartertools:smartermail:16.3.6802
-
cpe:2.3:a:smartertools:smartermail:16.3.6809
-
cpe:2.3:a:smartertools:smartermail:16.3.6816
-
cpe:2.3:a:smartertools:smartermail:16.3.6821
-
cpe:2.3:a:smartertools:smartermail:16.3.6830
-
cpe:2.3:a:smartertools:smartermail:16.3.6841
-
cpe:2.3:a:smartertools:smartermail:16.3.6843
-
cpe:2.3:a:smartertools:smartermail:16.3.6855
-
cpe:2.3:a:smartertools:smartermail:16.3.6870
-
cpe:2.3:a:smartertools:smartermail:16.3.6885
-
cpe:2.3:a:smartertools:smartermail:16.3.6893
-
cpe:2.3:a:smartertools:smartermail:16.3.6897
-
cpe:2.3:a:smartertools:smartermail:16.3.6915
-
cpe:2.3:a:smartertools:smartermail:16.3.6970