Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PGP/MIME encrypted messages injected into a Vaultive O365 (before 4.5.21) frontend via IMAP or SMTP have their Content-Type changed from 'Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="abc123abc123"' to 'Content-Type: text/plain' - this results in the encrypted message being structured in such a way that most PGP/MIME-capable mail user agents are unable to decrypt it cleanly. The outcome is that encrypted mail passing through this device does not work (Denial of Service), and a common real-world consequence is a request to resend the mail in the clear (Information Disclosure).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Vaultive O365 安全漏洞
Vulnerability Description
Vaultive O365是美国Vaultive公司的一个应用于Microsoft Office 365中的提供使用功能保留加密和基于策略的控件,IMAP和SMTP是其中的接口。 Vaultive O365 4.5.21之前的版本中的IMAP和SMTP接口存在安全漏洞。攻击者可利用该漏洞造成拒绝服务,获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A