CVE-2020-12398
CVSS v3.1
7.5 (High)
CVSS v2.0
4.3 (Medium)
EPSS
0.19 % (56th)
Affected Products
2
Advisories
17
If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird < 68.9.0.
Weaknesses
- CWE-319
- Cleartext Transmission of Sensitive Information
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2020-07-09 15:15:10
(4 years ago) - Updated Date
-
2022-01-04 16:38:59
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...