Authentication Bypass Vulnerability in MicroWorld Technologies MailScan
CVE-2008-3729

Currently unrated

Key Information:

Vendor: Microworld Technologies
Status: Mailscan
Vendor: CVE Published:; 20 August 2008

🔔 Create Microworld Technologies Vulnerability Alert

What is CVE-2008-3729?

This vulnerability in MicroWorld Technologies MailScan 5.6.a espatch 1 allows remote attackers to bypass authentication mechanisms. By manipulating cookie values, specifically by using an 'IsAdmin=true' cookie or by making a request without any cookie, attackers can gain unauthorized administrative access to the web-based administration interface. This exploit poses significant risks to users, enabling unauthorized users to manage and control the mail protection settings without proper authentication.

References

http://securityreason.com/securityalert/4172

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/bid/30700

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/44515

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 20, 2008
Vulnerability Reserved
Aug 20, 2008