Vulnerabilities > CVE-2019-5966 - Authorization Bypass Through User-Controlled Key vulnerability in Joruri Mail 2.1.4
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Joruri Mail 2.1.4 and earlier does not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and alter/disclose the information via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |