CVE-2018-1000071
N/A
N/A
Summary
roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txt
- https://github.com/roundcube/roundcubemail/issues/6173
References
- https://www.legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txt
- https://github.com/roundcube/roundcubemail/issues/6173
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.