SMTP STARTTLS Misconfiguration in KDE KMail from KDE
CVE-2021-38373
5.3MEDIUM
What is CVE-2021-38373?
In KDE KMail version 19.12.3, a configuration issue prevents the SMTP STARTTLS option from being properly utilized. This results in emails being transmitted in cleartext unless the 'Server requires authentication' setting is enabled. Consequently, sensitive information may be exposed during email transmission, posing a risk to users concerned about email security and privacy.