
    6 vulnerabilities found for Mail2000 V7.0 by Openfind

    CVE-2024-6741 (GCVE-0-2024-6741)

    Vulnerability from nvd – Published: 2024-07-15 08:26 – Updated: 2024-08-01 21:41
    VLAI
    Title
    Openfind Mail2000 - HttpOnly flag bypass
    Summary
    Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie even though it has the HttpOnly flag enabled.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-693 - Protection Mechanism Failure
    Assigner
    Impacted products
    Vendor Product Version
    Openfind Mail2000 V7.0 Affected: all , < Patch 131 (custom)
    Openfind Mail2000 V8.0 Affected: all , < Patch 044 (custom)
    openfind mail2000 Affected: 0 , < patch_131 (custom)
        cpe:2.3:a:openfind:mail2000:7.0:*:*:*:*:*:*:*
    openfind mail2000 Affected: 0 , < patch_044 (custom)
        cpe:2.3:a:openfind:mail2000:8.0:*:*:*:*:*:*:*
    Date Public
    2024-07-15 08:22

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:openfind:mail2000:7.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mail2000",
                "vendor": "openfind",
                "versions": [
                  {
                    "lessThan": "patch_131",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:openfind:mail2000:8.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mail2000",
                "vendor": "openfind",
                "versions": [
                  {
                    "lessThan": "patch_044",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6741",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T13:49:49.207740Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-15T13:54:55.487Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:04.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-7940-0177a-1.html"
              },
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/en/cp-139-7941-b66e7-2.html"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V7.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 131",
                  "status": "affected",
                  "version": "all",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V8.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 044",
                  "status": "affected",
                  "version": "all",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-07-15T08:22:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Openfind\u0027s Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled."
                }
              ],
              "value": "Openfind\u0027s Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-31",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-693",
                  "description": "CWE-693 Protection Mechanism Failure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T08:33:27.299Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-7940-0177a-1.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/en/cp-139-7941-b66e7-2.html"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Mail2000 V7.0 to Patch 131 or later\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Mail2000 V8.0 to Patch 044 or later\u003c/span\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "Update Mail2000 V7.0 to Patch 131 or later\nUpdate Mail2000 V8.0 to Patch 044 or later"
            }
          ],
          "source": {
            "advisory": "TVN-202407007",
            "discovery": "EXTERNAL"
          },
          "title": "Openfind Mail2000 - HttpOnly flag bypass",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2024-6741",
        "datePublished": "2024-07-15T08:26:32.252Z",
        "dateReserved": "2024-07-15T03:34:25.851Z",
        "dateUpdated": "2024-08-01T21:41:04.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6740 (GCVE-0-2024-6740)

    Vulnerability from nvd – Published: 2024-07-15 08:00 – Updated: 2024-08-01 21:41
    VLAI
    Title
    Openfind Mail2000 - Stored XSS
    Summary
    Openfind's Mail2000 does not properly validate email attachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Openfind Mail2000 V7.0 Affected: all , < Patch 131 (custom)
    Openfind Mail2000 V8.0 Affected: all , < Patch 044 (custom)
    Date Public
    2024-07-15 07:55

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6740",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T14:49:31.982383Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-15T14:49:43.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:04.575Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-7938-d9c97-1.html"
              },
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/en/cp-139-7939-3423f-2.html"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V7.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 131",
                  "status": "affected",
                  "version": "all",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V8.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 044",
                  "status": "affected",
                  "version": "all",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-07-15T07:55:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Openfind\u0027s Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks."
                }
              ],
              "value": "Openfind\u0027s Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T08:00:31.584Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-7938-d9c97-1.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/en/cp-139-7939-3423f-2.html"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update Mail2000 V7.0 to Patch 131 or later \u003cbr\u003eUpdate Mail2000 V8.0 to Patch 044 or later\u003cbr\u003e"
                }
              ],
              "value": "Update Mail2000 V7.0 to Patch 131 or later \nUpdate Mail2000 V8.0 to Patch 044 or later"
            }
          ],
          "source": {
            "advisory": "TVN-202407006",
            "discovery": "EXTERNAL"
          },
          "title": "Openfind Mail2000 - Stored XSS",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2024-6740",
        "datePublished": "2024-07-15T08:00:31.584Z",
        "dateReserved": "2024-07-15T03:34:24.222Z",
        "dateUpdated": "2024-08-01T21:41:04.575Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5399 (GCVE-0-2024-5399)

    Vulnerability from nvd – Published: 2024-05-27 03:32 – Updated: 2024-08-01 21:11
    VLAI
    Title
    Openfind Mail2000 - OS Command Injection
    Summary
    Openfind Mail2000 does not properly filter the parameters of a specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Openfind Mail2000 V7.0 Affected: Patch 55 , < Patch 124 (custom)
    Openfind Mail2000 V8.0 Affected: earlier , < Patch 31 (custom)
    Date Public
    2024-05-27 03:21

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5399",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-10T17:37:42.572423Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-10T17:37:56.728Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:11:12.667Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V7.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 124",
                  "status": "affected",
                  "version": "Patch 55",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V8.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 31",
                  "status": "affected",
                  "version": "earlier",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-05-27T03:21:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server."
                }
              ],
              "value": "Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-27T03:52:44.011Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update Mail2000 V7.0 to Patch 124 or later version.\u003cbr\u003eUpdate Mail2000 V8.0 to Patch 31 or later version"
                }
              ],
              "value": "Update Mail2000 V7.0 to Patch 124 or later version.\nUpdate Mail2000 V8.0 to Patch 31 or later version"
            }
          ],
          "source": {
            "advisory": "TVN-202405003",
            "discovery": "INTERNAL"
          },
          "title": "Openfind Mail2000 - OS Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2024-5399",
        "datePublished": "2024-05-27T03:32:29.744Z",
        "dateReserved": "2024-05-27T03:06:02.716Z",
        "dateUpdated": "2024-08-01T21:11:12.667Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6741 (GCVE-0-2024-6741)

    Vulnerability from cvelistv5 – Published: 2024-07-15 08:26 – Updated: 2024-08-01 21:41
    VLAI
    Title
    Openfind Mail2000 - HttpOnly flag bypass
    Summary
    Openfind's Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie even though it has the HttpOnly flag enabled.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-693 - Protection Mechanism Failure
    Assigner
    Impacted products
    Vendor Product Version
    Openfind Mail2000 V7.0 Affected: all , < Patch 131 (custom)
    Openfind Mail2000 V8.0 Affected: all , < Patch 044 (custom)
    openfind mail2000 Affected: 0 , < patch_131 (custom)
        cpe:2.3:a:openfind:mail2000:7.0:*:*:*:*:*:*:*
    openfind mail2000 Affected: 0 , < patch_044 (custom)
        cpe:2.3:a:openfind:mail2000:8.0:*:*:*:*:*:*:*
    Date Public
    2024-07-15 08:22

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:openfind:mail2000:7.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mail2000",
                "vendor": "openfind",
                "versions": [
                  {
                    "lessThan": "patch_131",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:openfind:mail2000:8.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mail2000",
                "vendor": "openfind",
                "versions": [
                  {
                    "lessThan": "patch_044",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6741",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T13:49:49.207740Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-15T13:54:55.487Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:04.558Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-7940-0177a-1.html"
              },
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/en/cp-139-7941-b66e7-2.html"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V7.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 131",
                  "status": "affected",
                  "version": "all",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V8.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 044",
                  "status": "affected",
                  "version": "all",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-07-15T08:22:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Openfind\u0027s Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled."
                }
              ],
              "value": "Openfind\u0027s Mail2000 has a vulnerability that allows the HttpOnly flag to be bypassed. Unauthenticated remote attackers can exploit this vulnerability using specific JavaScript code to obtain the session cookie with the HttpOnly flag enabled."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-31",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-31 Accessing/Intercepting/Modifying HTTP Cookies"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-693",
                  "description": "CWE-693 Protection Mechanism Failure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T08:33:27.299Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-7940-0177a-1.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/en/cp-139-7941-b66e7-2.html"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Mail2000 V7.0 to Patch 131 or later\u003c/span\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eUpdate Mail2000 V8.0 to Patch 044 or later\u003c/span\u003e\n\n\u003cbr\u003e"
                }
              ],
              "value": "Update Mail2000 V7.0 to Patch 131 or later\nUpdate Mail2000 V8.0 to Patch 044 or later"
            }
          ],
          "source": {
            "advisory": "TVN-202407007",
            "discovery": "EXTERNAL"
          },
          "title": "Openfind Mail2000 - HttpOnly flag bypass",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2024-6741",
        "datePublished": "2024-07-15T08:26:32.252Z",
        "dateReserved": "2024-07-15T03:34:25.851Z",
        "dateUpdated": "2024-08-01T21:41:04.558Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-6740 (GCVE-0-2024-6740)

    Vulnerability from cvelistv5 – Published: 2024-07-15 08:00 – Updated: 2024-08-01 21:41
    VLAI
    Title
    Openfind Mail2000 - Stored XSS
    Summary
    Openfind's Mail2000 does not properly validate email attachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
    Assigner
    Impacted products
    Vendor Product Version
    Openfind Mail2000 V7.0 Affected: all , < Patch 131 (custom)
    Openfind Mail2000 V8.0 Affected: all , < Patch 044 (custom)
    Date Public
    2024-07-15 07:55

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-6740",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-15T14:49:31.982383Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-15T14:49:43.242Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:41:04.575Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-7938-d9c97-1.html"
              },
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/en/cp-139-7939-3423f-2.html"
              },
              {
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V7.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 131",
                  "status": "affected",
                  "version": "all",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V8.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 044",
                  "status": "affected",
                  "version": "all",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-07-15T07:55:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Openfind\u0027s Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks."
                }
              ],
              "value": "Openfind\u0027s Mail2000 does not properly validate email atachments, allowing unauthenticated remote attackers to inject JavaScript code within the attachment and perform Stored Cross-site scripting attacks."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-592",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-592 Stored XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-15T08:00:31.584Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-7938-d9c97-1.html"
            },
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/en/cp-139-7939-3423f-2.html"
            },
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.openfind.com.tw/taiwan/download/Openfind_OF-ISAC-24-007.pdf"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update Mail2000 V7.0 to Patch 131 or later \u003cbr\u003eUpdate Mail2000 V8.0 to Patch 044 or later\u003cbr\u003e"
                }
              ],
              "value": "Update Mail2000 V7.0 to Patch 131 or later \nUpdate Mail2000 V8.0 to Patch 044 or later"
            }
          ],
          "source": {
            "advisory": "TVN-202407006",
            "discovery": "EXTERNAL"
          },
          "title": "Openfind Mail2000 - Stored XSS",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2024-6740",
        "datePublished": "2024-07-15T08:00:31.584Z",
        "dateReserved": "2024-07-15T03:34:24.222Z",
        "dateUpdated": "2024-08-01T21:41:04.575Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5399 (GCVE-0-2024-5399)

    Vulnerability from cvelistv5 – Published: 2024-05-27 03:32 – Updated: 2024-08-01 21:11
    VLAI
    Title
    Openfind Mail2000 - OS Command Injection
    Summary
    Openfind Mail2000 does not properly filter the parameters of a specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    Openfind Mail2000 V7.0 Affected: Patch 55 , < Patch 124 (custom)
    Openfind Mail2000 V8.0 Affected: earlier , < Patch 31 (custom)
    Date Public
    2024-05-27 03:21

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5399",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-10T17:37:42.572423Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-10T17:37:56.728Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:11:12.667Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "third-party-advisory",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V7.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 124",
                  "status": "affected",
                  "version": "Patch 55",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Mail2000 V8.0",
              "vendor": "Openfind",
              "versions": [
                {
                  "lessThan": "Patch 31",
                  "status": "affected",
                  "version": "earlier",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-05-27T03:21:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server."
                }
              ],
              "value": "Openfind Mail2000 does not properly filter parameters of specific API. Remote attackers with administrative privileges can exploit this vulnerability to execute arbitrary system commands on the remote server."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-05-27T03:52:44.011Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-7817-6ce29-1.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Update Mail2000 V7.0 to Patch 124 or later version.\u003cbr\u003eUpdate Mail2000 V8.0 to Patch 31 or later version"
                }
              ],
              "value": "Update Mail2000 V7.0 to Patch 124 or later version.\nUpdate Mail2000 V8.0 to Patch 31 or later version"
            }
          ],
          "source": {
            "advisory": "TVN-202405003",
            "discovery": "INTERNAL"
          },
          "title": "Openfind Mail2000 - OS Command Injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2024-5399",
        "datePublished": "2024-05-27T03:32:29.744Z",
        "dateReserved": "2024-05-27T03:06:02.716Z",
        "dateUpdated": "2024-08-01T21:11:12.667Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }