Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MailEnable < 10.54 Cleartext Credential Storage in AUTH.SAV
Vulnerability Description
MailEnable versions prior to 10.54 contain a cleartext storage of credentials vulnerability that can lead to local credential compromise and account takeover. The product stores user and administrative passwords in plaintext within AUTH.SAV with overly permissive filesystem access. A local authenticated user with read access to this file can recover all user passwords and super-admin credentials, then use them to authenticate to MailEnable services such as POP3, SMTP, or the webmail interface, enabling unauthorized mailbox access and administrative control.
CVSS Information
N/A
Vulnerability Type
敏感数据的明文存储
Vulnerability Title
MailEnable 安全漏洞
Vulnerability Description
MailEnable是澳大利亚MailEnable公司的一个基于 Windows 的商业电子邮件服务器。 MailEnable 10.54之前版本存在安全漏洞,该漏洞源于明文存储凭据,可能导致本地凭据泄露和账户接管。
CVSS Information
N/A
Vulnerability Type
N/A