Security Advisory

CVE-2019-12938

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-06-24 13:07:31

Last updated 2024-08-04 23:32:55

Assigner mitre

State PUBLISHED

Description

The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI.

← Browse all CVEs View on cve.org ↗