CVE-2020-29547

Published: May 29, 2023

Modified: Jan 14, 2025

PUBLISHED

Description

An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS commands, injecting cleartext commands into an encrypted user session. This can lead to credential disclosure.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://uncensored.citadel.org/msg/4576039

http://uncensored.citadel.org/dotgoto?room=Citadel%20Security

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-29547

Description

Affected Products

References