Vulnerabilities > CVE-2019-19199 - Insufficient Session Expiration vulnerability in Reddoxx Maildepot 2032
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because tokens are not invalidated upon a logout.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://seclists.org/fulldisclosure/2020/Sep/49
- http://seclists.org/fulldisclosure/2020/Sep/49
- https://www.reddoxx.com/en/products/archiving/
- https://www.reddoxx.com/en/products/archiving/
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-049.txt
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-049.txt
- https://www.syss.de/pentest-blog/
- https://www.syss.de/pentest-blog/