CyberSec.Space Logo
CVEブラウザに戻る

CVE-2013-6028

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.1280%
EPSS Percentile40.50th
Published2014年1月12日
Last Modified2026年4月29日

Vulnerability Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Atmail Webmail Server before 7.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add user accounts, (2) modify user accounts, (3) delete user accounts, or (4) stop the product's service.

Affected Platforms (CPE)

📦
Atmail

Atmail

<= 7.1.6
📦
Atmail

Atmail

= 6.3.0
📦
Atmail

Atmail

= 6.3.1
📦
Atmail

Atmail

= 6.3.2
📦
Atmail

Atmail

= 6.3.3
📦
Atmail

Atmail

= 6.3.4
📦
Atmail

Atmail

= 6.3.5
📦
Atmail

Atmail

= 6.3.6
📦
Atmail

Atmail

= 6.4.0
📦
Atmail

Atmail

= 6.4.1
📦
Atmail

Atmail

= 6.4.2
📦
Atmail

Atmail

= 6.5.0
📦
Atmail

Atmail

= 6.6.0
📦
Atmail

Atmail

= 6.6.1
📦
Atmail

Atmail

= 6.6.2
📦
Atmail

Atmail

= 6.6.3
📦
Atmail

Atmail

= 6.6.4
📦
Atmail

Atmail

= 6.20.4
📦
Atmail

Atmail

= 6.20.5
📦
Atmail

Atmail

= 6.20.6
📦
Atmail

Atmail

= 6.20.7
📦
Atmail

Atmail

= 6.20.8
📦
Atmail

Atmail

= 6.20.10
📦
Atmail

Atmail

= 6.20.11
📦
Atmail

Atmail

= 6.20.12
📦
Atmail

Atmail

= 6.20.13
📦
Atmail

Atmail

= 7.1.0
📦
Atmail

Atmail

= 7.1.1
📦
Atmail

Atmail

= 7.1.2
📦
Atmail

Atmail

= 7.1.3
📦
Atmail

Atmail

= 7.1.4
📦
Atmail

Atmail

= 7.1.5

References & Advisories

🔗 http://atmail.com/changelog/
🔗 http://osvdb.org/101936
🔗 http://www.kb.cert.org/vuls/id/204950
🔗 http://atmail.com/changelog/
🔗 http://osvdb.org/101936
🔗 http://www.kb.cert.org/vuls/id/204950

関連する脆弱性情報

CVE-2013-503210.0

Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnera...

CVE-2013-503110.0

Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnera...

CVE-2008-561910.0

html2text.php in Chuggnutt HTML to Text Converter, as used in PHPMailer before 5.2.10, RoundCube Webmail (roundcubemail) 0.2-1.alp...

CVE-2013-503310.0

Unspecified vulnerability in Atmail before 6.6.4, and 7.x before 7.1.2, has unknown impact and attack vectors, a different vulnera...