Roundcube Webmail Vulnerabilità

Sequenza temporale

Versione

0.1.116
0.2.116
0.3.116
0.416
0.4.116

Contromisure

Official Fix36
Temporary Fix0
Workaround0
Unavailable0
Not Defined2

Sfruttabilità

High2
Functional0
Proof-of-Concept0
Unproven0
Not Defined36

Accesso al vettore

Not Defined0
Physical0
Local0
Adjacent0
Network38

Autenticazione

Not Defined0
High0
Low8
None30

Interazione dell'utente

Not Defined0
Required22
None16

C3BM Index

CVSSv3 Base

≤10
≤20
≤30
≤42
≤514
≤610
≤74
≤82
≤94
≤102

CVSSv3 Temp

≤10
≤20
≤30
≤42
≤514
≤610
≤76
≤80
≤94
≤102

VulDB

≤10
≤20
≤30
≤44
≤518
≤68
≤70
≤84
≤92
≤102

NVD

≤10
≤20
≤30
≤40
≤50
≤60
≤78
≤84
≤92
≤102

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Fornitore

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k16
<2k14
<5k8
<10k0
<25k0
<50k0
<100k0
≥100k0

Exploiter aujourd'hui

<1k38
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

🔴 CTI Attività

Affected Versions (69): 0.1, 0.1.1, 0.2, 0.2.1, 0.2.2, 0.3, 0.3.1, 0.4, 0.4.1, 0.4.2, 0.5, 0.5.1, 0.5.2, 0.5.3, 0.5.4, 0.6, 0.7, 0.7.1, 0.7.2, 0.7.3, 0.8, 0.8.1, 0.8.2, 0.8.3, 0.8.4, 0.8.5, 0.8.6, 0.9, 0.9.1, 0.9.2, 0.9.3, 0.9.4, 0.9.5, 0.9.6, 1, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.0.7, 1.0.8, 1.0.9, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.2, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.4, 1.4.1, 1.4.2, 1.4.3, 1.4.4, 1.4.5, 1.4.6, 1.4.7, 1.4.8, 1.4.9

Tipo di software: Mail Client Software

Data di pubblicazioneBaseTempVulnerabilità0dayOggiSfrConCTICVE
29/12/20203.53.5RoundCube Webmail Email Message rcube_string_replacer.php linkref_addindex cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-35730
04/05/20208.58.2RoundCube Webmail Config Setting rcube_image.php escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2020-12641
04/05/20208.58.2RoundCube Webmail rcube_plugin_api.php directory traversal$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2020-12640
04/05/20205.04.8RoundCube Webmail cross site request forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-12626
04/05/20205.24.9RoundCube Webmail rcube_washtml.php cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2020-12625
13/03/20186.46.3RoundCube Webmail iRedMail Key escalazione di privilegi$0-$5k$0-$5kNot DefinedOfficial Fix0.04CVE-2018-1000072
17/07/20173.53.3RoundCube Webmail Persistent cross site scripting$0-$5k$0-$5kNot DefinedNot Defined0.01CVE-2017-1000049
23/05/20176.46.3RoundCube Webmail rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.02CVE-2015-5383
23/05/20175.45.3RoundCube Webmail photo.inc rivelazione di un 'informazione$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2015-5382
23/05/20175.25.1RoundCube Webmail rcmail.php Stored cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2015-5381

28 non vengono visualizzate più voci

🔒 Login Required

You need to signup and login to see more of the remaining 28 results.

altre voci di Roundcube

PrecedenteVisione D'insiemeIl prossimo

Do you know our Splunk app?

Download it now for free!