Incorrect Access Control in IceWarp Email Server 12.3.0.1
CVE-2020-14064

6.5MEDIUM

Key Information:

Vendor: Icewarp
Status: Mail Server
Vendor: CVE Published:; 15 July 2020

Badges

👾 Exploit Exists

What is CVE-2020-14064?

IceWarp Email Server version 12.3.0.1 is affected by an access control vulnerability that allows unauthorized manipulation of user accounts. This flaw enables attackers to exploit the server’s user account management features, compromising the security and integrity of user data. Organizations utilizing this version should apply the appropriate patches or updates to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.icewarp.com/download-premise/server/

x_refsource_MISC

https://github.com/networksecure/Icewarp_incorrect_access...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Nov 23, 2021
👾
Exploit known to exist
Nov 23, 2021
Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 14, 2020

JSON

Icewarp

Badges

What is CVE-2020-14064?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.