Description

A vulnerability was found in MailCleaner up to 2023.03.14. It has been declared as critical. This vulnerability affects the function getStats/Services_silentDump/Services_stopStartMTA/Config_saveDateTime/Config_hostid/Logs_StartGetStat/dumpConfiguration of the component SOAP Service. The manipulation leads to os command injection. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-262312.

INFO

Published Date :

2024-04-29T06:22:44.534Z

Last Modified :

2024-08-01T20:05:07.551Z

Source :

VulDB
AFFECTED PRODUCTS

The following products are affected by CVE-2024-3196 vulnerability.

Vendors Products
Mailcleaner
  • Mailcleaner
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-3196.

URL Resource
https://github.com/MailCleaner/MailCleaner/pull/601 cve-icon cve-icon cve-icon
https://modzero.com/en/advisories/mz-24-01-mailcleaner/ cve-icon cve-icon cve-icon
https://modzero.com/static/MZ-24-01_modzero_MailCleaner.pdf cve-icon cve-icon cve-icon
https://vuldb.com/?ctiid.262312 cve-icon cve-icon cve-icon
https://vuldb.com/?id.262312 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Access Vector
Access Complexity
Authentication
Confidentiality Impact
Integrity Impact
Availability Impact