CVE-2001-1211
Last modified
CVE-2001-1211 is a vulnerability of currently unknown severity. Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain.. EPSS estimates a 3.00% chance of exploitation in the next 30 days.
Description
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ipswitch | Imail | 6.1 |
| Ipswitch | Imail | 6.2 |
| Ipswitch | Imail | 6.3 |
| Ipswitch | Imail | 6.4 |
| Ipswitch | Imail | 7.0.1 |
| Ipswitch | Imail | 7.0.2 |
| Ipswitch | Imail | 7.0.3 |
| Ipswitch | Imail | 7.0.4 |
References
- http://www.iss.net/security_center/static/7752.phpVendor Advisory
- http://www.securityfocus.com/archive/1/247786Vendor Advisory
- http://www.securityfocus.com/bid/3766Vendor Advisory
- http://www.iss.net/security_center/static/7752.phpVendor Advisory
- http://www.securityfocus.com/archive/1/247786Vendor Advisory
- http://www.securityfocus.com/bid/3766Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2001-1211?
How severe is CVE-2001-1211?
How do I fix CVE-2001-1211?
Are you affected by CVE-2001-1211?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST