Security Advisory

CVE-2020-29547

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-05-29 00:00:00

Last updated 2025-01-14 17:52:53

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS commands, injecting cleartext commands into an encrypted user session. This can lead to credential disclosure.

← Browse all CVEs View on cve.org ↗