CVE-2017-5930 in PostfixAdmininfo

Summary

The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check.

Reservation

02/07/2017

Disclosure

03/20/2017

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
98314	PostfixAdmin AliasHandler delete.php gen_show_status Delete permission	275	High	Official fix	CVE-2017-5930

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!