Main Vulnerability Database Vulnerabilities #VU70764

Improper Authentication in m-FILTER - CVE-2023-22278

Published: January 6, 2023

Vulnerability identifier: #VU70764

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-22278

CWE-ID: CWE-287

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
m-FILTER

Software vendor:
Digital Arts

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to improper implementation in the authentication process of sending emails.

Successful exploitation of this vulnerability may allow a remote attacker to cause the following impacts:

The source IP address is blacklisted and emails cannot be sent
If the archive function is being used, sent unsolicited emails are archived and the disk space is oppressed

Install updates from vendor's website.