A user with device administrative privileges can change existing SMTP server settings on the device, without having to re-enter SMTP server credentials. By redirecting send-to-email traffic to the new server, the original SMTP server credentials may potentially be exposed.
Metrics
Affected Vendors & Products
References
History
Thu, 31 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-306 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: hp
Published: 2024-05-23T16:58:15.462Z
Updated: 2024-10-31T14:48:58.413Z
Reserved: 2024-05-20T13:27:27.871Z
Link: CVE-2024-5143
Vulnrichment
Updated: 2024-08-01T21:03:10.976Z
NVD
Status : Awaiting Analysis
Published: 2024-05-23T17:15:31.560
Modified: 2024-11-21T09:47:03.723
Link: CVE-2024-5143
Redhat
No data.