CVE-2007-6598 in Dovecotinfo

Summary

Dovecot before 1.0.10, with certain configuration options including use of %variables, does not properly maintain the LDAP+auth cache, which might allow remote authenticated users to login as a different user who has the same password.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

12/31/2007

Disclosure

01/03/2008

Moderation

VulDB entry created

Entries

VDB-40356 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

7.3

EPSS

0.02525

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-6598
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-6598
CVE Details	https://www.cvedetails.com/cve/CVE-2007-6598/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!