Security for everyone

CVE-2019-12593 Scanner

Detects 'Local File Inclusion (LFI)' vulnerability in IceWarp Mail Server affects v. through 10.4.4.

SCAN NOW

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Url

Source

-

IceWarp Mail Server is a software application that enables organizations to manage their emails, contacts, calendars, and tasks. It is widely used in corporations, non-profit organizations, and government agencies. The product offers several features like anti-virus and anti-spam protection, mobile synchronization, secure collaboration, and backup and recovery services.

Recently, a vulnerability has been detected in IceWarp Mail Server, identified by the CVE-2019-12593 code. This vulnerability is classified as a local file inclusion (LFI) vulnerability, which allows an attacker to execute arbitrary code or access sensitive information stored in the server. The vulnerability is caused by a directory traversal that occurs in the webmail/calendar/minimizer/index.php?style=..%5c URL.

If this vulnerability is exploited, an attacker can access critical data stored on the server, which includes email messages, contact lists, calendar appointments, and other sensitive information. This can lead to data theft, identity theft, financial loss, and reputational damage for organizations that use this software.

Thanks to the pro features of the securityforeveryone.com platform, readers can easily and quickly learn about vulnerabilities in their digital assets. The platform offers comprehensive vulnerability scanning, penetration testing, and security audit services that can help organizations mitigate cybersecurity risks and protect their digital assets from potential threats. By using the platform, organizations can ensure that their infrastructure is secure and resilient against any cyber attack.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture