CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-36519

Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. (The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs.)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.0%

CVSS Severity

CVSS v3 Score 4.9

CVSS v2 Score 4.0

References

https://wesleyk.me/2020/01/10/my-first-vulnerability-mimecast-sender-address-verification/
https://wesleyk.me/2020/01/10/my-first-vulnerability-mimecast-sender-address-verification/

Products affected by CVE-2020-36519

Mimecast » Email Security » Version: N/A

cpe:2.3:a:mimecast:email_security:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-36519

Products

Pricing

Contact Us