Vulnerability Details CVE-2020-15047
MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.6%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2020-15047
-
cpe:2.3:a:trojita_project:trojita:0.1
-
cpe:2.3:a:trojita_project:trojita:0.2
-
cpe:2.3:a:trojita_project:trojita:0.2.9
-
cpe:2.3:a:trojita_project:trojita:0.2.9.1
-
cpe:2.3:a:trojita_project:trojita:0.2.9.2
-
cpe:2.3:a:trojita_project:trojita:0.2.9.3
-
cpe:2.3:a:trojita_project:trojita:0.2.9.4
-
cpe:2.3:a:trojita_project:trojita:0.3
-
cpe:2.3:a:trojita_project:trojita:0.3.90
-
cpe:2.3:a:trojita_project:trojita:0.3.91
-
cpe:2.3:a:trojita_project:trojita:0.3.92
-
cpe:2.3:a:trojita_project:trojita:0.3.93
-
cpe:2.3:a:trojita_project:trojita:0.3.96
-
cpe:2.3:a:trojita_project:trojita:0.4
-
cpe:2.3:a:trojita_project:trojita:0.7