CVE-2020-12776: Openfind Mail2000 - Broken Access Control
First published: Tue Sep 01 2020(Updated: )
Openfind Mail2000 contains Broken Access Control vulnerability, which can be used to execute unauthorized commands after attackers obtain the administrator access token or cookie.
Credit: twcert@cert.org.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Openfind Mail2000 | =7.0 |
Remedy
Update Patch to 091 of SP4, or contact with Openfind.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this Openfind Mail2000 vulnerability?
The vulnerability ID of this Openfind Mail2000 vulnerability is CVE-2020-12776.
What is the severity rating of CVE-2020-12776?
CVE-2020-12776 has a severity rating of 7.2 (critical).
What is the description of the Openfind Mail2000 vulnerability?
The Openfind Mail2000 vulnerability is a broken access control vulnerability that allows attackers to execute unauthorized commands after obtaining the administrator access token or cookie.
Which version of Openfind Mail2000 is affected by CVE-2020-12776?
The version 7.0 of Openfind Mail2000 is affected by CVE-2020-12776.
Where can I find more information about CVE-2020-12776?
You can find more information about CVE-2020-12776 at this link: https://www.twcert.org.tw/tw/cp-132-3897-01d73-1.html
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/references
- agent/remedy
- agent/title
- agent/description
- agent/event
- agent/tags
- agent/first-publish-date
- vendor/openfind
- canonical/openfind mail2000
- version/openfind mail2000/7.0