CVE Daily

CVE-2020-25848

HGiga MailSherlock contains weak authentication flaw that attackers grant privil...

Critical CVSS 9.8

Overview

HGiga MailSherlock contains weak authentication flaw that attackers grant privilege remotely with default password generation mechanism.

CWE: CWE-287 Published: 2020-12-31T08:15:13.410
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags