Risky Cryptographic Algorithm in Maddy by Max Mazurov
CVE-2021-42583

7.5HIGH

Key Information:

Vendor: Foxcpp
Status: Maddy
Vendor: CVE Published:; 28 December 2021

What is CVE-2021-42583?

A vulnerability in Maddy, a mail server by Max Mazurov, can lead to potential exposure of sensitive information due to a broken or risky cryptographic algorithm present before version 0.5.2. This flaw poses a significant risk to data integrity and confidentiality, necessitating prompt updates to the latest version to mitigate the potential risks associated with this security issue.

References

https://github.com/foxcpp/maddy/blob/df40dce1284cd0fd0a9e...

x_refsource_MISC

https://github.com/foxcpp/maddy/releases/tag/v0.5.2

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 28, 2021
Vulnerability Reserved
Oct 18, 2021

CVE-2021-42583 Data

JSON

Foxcpp

What is CVE-2021-42583?

References

CVSS V3.1

Timeline