CVE-2009-1468

Multiple SQL injection vulnerabilities in the search form in server/webmail.php in the Groupware component in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) sql and (2) order_by elements in an XML search query.

CVSS v2.0 6.5 MEDIUM

6.5^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.redteam-pentesting.de/advisories/rt-sa-2009-003	Exploit
http://www.securityfocus.com/bid/34820	Exploit
http://www.securitytracker.com/id?1022169
http://osvdb.org/54228
http://www.vupen.com/english/advisories/2009/1253
http://www.securityfocus.com/archive/1/503226/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:icewarp:webmail_server:2.10.210:::::::*
	cpe:2.3:a:icewarp:webmail_server:2.10.220:::::::*
	cpe:2.3:a:icewarp:webmail_server:2.10.320:::::::*
	cpe:2.3:a:icewarp:webmail_server:2.10.330:::::::*
	cpe:2.3:a:icewarp:webmail_server:3.00.140:::::::*
	cpe:2.3:a:icewarp:webmail_server:2.10.170:::::::*
	cpe:2.3:a:icewarp:webmail_server:3.10.011:::::::*
	cpe:2.3:a:icewarp:webmail_server:4.2.3:::::::*
	cpe:2.3:a:icewarp:webmail_server:4.4.1:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.4.2:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.4.3:::::::*
	cpe:2.3:a:icewarp:webmail_server:6.0.7:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.115:::::::*
	cpe:2.3:a:icewarp:email_server:4.2.3:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.8.2:::::::*
	cpe:2.3:a:icewarp:email_server:3.00.140:::::::*
	cpe:2.3:a:icewarp:webmail_server:9.1.0:::::::*
	cpe:2.3:a:icewarp:webmail_server:8.0.2:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.110:::::::*
	cpe:2.3:a:icewarp:email_server:3.00.130:::::::*
	cpe:2.3:a:icewarp:email_server:5.4.1:::::::*
	cpe:2.3:a:icewarp:webmail_server::::::::
	cpe:2.3:a:icewarp:webmail_server:7.2.0:::::::*
	cpe:2.3:a:icewarp:webmail_server:6.0.5:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.331:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.330:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.8.3:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.220:::::::*
	cpe:2.3:a:icewarp:webmail_server:7.4.0:::::::*
	cpe:2.3:a:icewarp:email_server:4.4.1:::::::*
	cpe:2.3:a:icewarp:webmail_server:8.2.0:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.240:::::::*
	cpe:2.3:a:icewarp:email_server:3.10.011:::::::*
	cpe:2.3:a:icewarp:webmail_server:4.2.1:::::::*
	cpe:2.3:a:icewarp:webmail_server:7.1.4:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.5.7:::::::*
	cpe:2.3:a:icewarp:webmail_server:6.0.3:::::::*
	cpe:2.3:a:icewarp:webmail_server:3.00.130:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.7.3:::::::*
	cpe:2.3:a:icewarp:email_server:5.8.2:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.310:::::::*
	cpe:2.3:a:icewarp:email_server:5.7.3:::::::*
	cpe:2.3:a:icewarp:email_server:8.2.0:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.320:::::::*
	cpe:2.3:a:icewarp:webmail_server:2.10.280:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.4.1:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.105:::::::*
	cpe:2.3:a:icewarp:email_server:4.2.2:::::::*
	cpe:2.3:a:icewarp:webmail_server:2.10.200:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.3.2:::::::*
	cpe:2.3:a:icewarp:webmail_server:3.00.120:::::::*
	cpe:2.3:a:icewarp:webmail_server:5.5.6:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.210:::::::*
	cpe:2.3:a:icewarp:email_server:6.0.3:::::::*
	cpe:2.3:a:icewarp:email_server:5.5.7:::::::*
	cpe:2.3:a:icewarp:webmail_server:2.10.290:::::::*
	cpe:2.3:a:icewarp:email_server:3.00.120:::::::*
	cpe:2.3:a:icewarp:email_server:2.10.200:::::::*
	cpe:2.3:a:icewarp:email_server:7.4.0:::::::*
	cpe:2.3:a:icewarp:email_server:9.1.0:::::::*
	cpe:2.3:a:icewarp:webmail_server:7.1.6:::::::*
	cpe:2.3:a:icewarp:email_server:7.2.0:::::::*
	cpe:2.3:a:icewarp:email_server:6.0.5:::::::*
	cpe:2.3:a:icewarp:webmail_server:8.0.1:::::::*
cpe:2.3:a:icewarp:email_server:5.3.0:::::::*
cpe:2.3:a:icewarp:email_server:5.4.2:::::::*
cpe:2.3:a:icewarp:email_server:3.00.110:::::::*
cpe:2.3:a:icewarp:email_server:4.2.1:::::::*
cpe:2.3:a:icewarp:webmail_server:8.0.3:::::::*
cpe:2.3:a:icewarp:webmail_server:8.9.1:::::::*
cpe:2.3:a:icewarp:webmail_server:6.0.2:::::::*
cpe:2.3:a:icewarp:webmail_server:9.0.0:::::::*
cpe:2.3:a:icewarp:webmail_server:5.3.0:::::::*
cpe:2.3:a:icewarp:webmail_server:3.00.110:::::::*
cpe:2.3:a:icewarp:webmail_server:4.2.2:::::::*
cpe:2.3:a:icewarp:email_server:8.0.3:::::::*
cpe:2.3:a:icewarp:email_server:9.2.0:::::::*
cpe:2.3:a:icewarp:email_server:2.10.340:::::::*
cpe:2.3:a:icewarp:email_server:5.9.4:::::::*
cpe:2.3:a:icewarp:webmail_server:7.6.4:::::::*
cpe:2.3:a:icewarp:webmail_server:5.8.6:::::::*
cpe:2.3:a:icewarp:webmail_server:8.5.0:::::::*
cpe:2.3:a:icewarp:webmail_server:5.9.4:::::::*
cpe:2.3:a:icewarp:webmail_server:7.4.2:::::::*
cpe:2.3:a:icewarp:email_server:4.10.040:::::::*
cpe:2.3:a:icewarp:webmail_server:4.10.040:::::::*
cpe:2.3:a:icewarp:webmail_server:5.1.2:::::::*
cpe:2.3:a:icewarp:email_server:4.10.050:::::::*
cpe:2.3:a:icewarp:email_server:2.10.360:::::::*
cpe:2.3:a:icewarp:webmail_server:5.5.4:::::::*
cpe:2.3:a:icewarp:email_server:7.1.6:::::::*
cpe:2.3:a:icewarp:webmail_server:5.5.3:::::::*
cpe:2.3:a:icewarp:email_server:7.1.4:::::::*
cpe:2.3:a:icewarp:email_server:8.9.1:::::::*
cpe:2.3:a:icewarp:webmail_server:8.2.2:::::::*
cpe:2.3:a:icewarp:webmail_server:7.4.5:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.250:::::::*
cpe:2.3:a:icewarp:email_server:2.10.140:::::::*
cpe:2.3:a:icewarp:email_server:5.1.2:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.150:::::::*
cpe:2.3:a:icewarp:email_server:7.4.5:::::::*
cpe:2.3:a:icewarp:webmail_server:7.0.1:::::::*
cpe:2.3:a:icewarp:webmail_server:5.4.4:::::::*
cpe:2.3:a:icewarp:email_server:6.0.7:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.165:::::::*
cpe:2.3:a:icewarp:email_server:5.4.3:::::::*
cpe:2.3:a:icewarp:email_server:5.5.5:::::::*
cpe:2.3:a:icewarp:email_server:7.6.4:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.360:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.105:::::::*
cpe:2.3:a:icewarp:email_server:2.10.170:::::::*
cpe:2.3:a:icewarp:email_server:5.4.4:::::::*
cpe:2.3:a:icewarp:email_server:9.0.0:::::::*
cpe:2.3:a:icewarp:email_server:2.10.250:::::::*
cpe:2.3:a:icewarp:webmail_server:3.10.110:::::::*
cpe:2.3:a:icewarp:webmail_server:6.2.1:::::::*
cpe:2.3:a:icewarp:email_server:8.3.5:::::::*
cpe:2.3:a:icewarp:email_server:2.10.280:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.240:::::::*
cpe:2.3:a:icewarp:email_server:8.2.2:::::::*
cpe:2.3:a:icewarp:email_server:6.0.2:::::::*
cpe:2.3:a:icewarp:email_server:2.10.290:::::::*
cpe:2.3:a:icewarp:webmail_server:3.00.100:::::::*
cpe:2.3:a:icewarp:email_server:5.8.3:::::::*
cpe:2.3:a:icewarp:webmail_server:4.00.30:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.190:::::::*
cpe:2.3:a:icewarp:webmail_server:7.6.0:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.140:::::::*
cpe:2.3:a:icewarp:webmail_server:6.1.0:::::::*
cpe:2.3:a:icewarp:email_server:4.4.2:::::::*
cpe:2.3:a:icewarp:webmail_server:5.8.4:::::::*
cpe:2.3:a:icewarp:email_server:8.0.1:::::::*
cpe:2.3:a:icewarp:email_server:5.3.2:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.331:::::::*
cpe:2.3:a:icewarp:email_server:2.10.190:::::::*
cpe:2.3:a:icewarp:email_server:7.4.2:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.310:::::::*
cpe:2.3:a:icewarp:webmail_server:9.2.0:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.110:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.350:::::::*
cpe:2.3:a:icewarp:email_server:2.10.165:::::::*
cpe:2.3:a:icewarp:webmail_server:7.5.2:::::::*
cpe:2.3:a:icewarp:email_server:2.10.260:::::::*
cpe:2.3:a:icewarp:webmail_server:5.8.5:::::::*
cpe:2.3:a:icewarp:email_server:2.10.350:::::::*
cpe:2.3:a:icewarp:webmail_server:5.5.5:::::::*
cpe:2.3:a:icewarp:webmail_server:5.1.5:::::::*
cpe:2.3:a:icewarp:webmail_server:4.10.050:::::::*
cpe:2.3:a:icewarp:email_server:5.5.6:::::::*
cpe:2.3:a:icewarp:email_server::::::::
cpe:2.3:a:icewarp:email_server:8.0.2:::::::*
cpe:2.3:a:icewarp:webmail_server:8.3.8:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.115:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.340:::::::*
cpe:2.3:a:icewarp:email_server:5.1.3:::::::*
cpe:2.3:a:icewarp:email_server:5.8.4:::::::*
cpe:2.3:a:icewarp:email_server:6.1.0:::::::*
cpe:2.3:a:icewarp:webmail_server:2.10.260:::::::*
cpe:2.3:a:icewarp:email_server:4.00.30:::::::*
cpe:2.3:a:icewarp:webmail_server:8.3.5:::::::*
cpe:2.3:a:icewarp:email_server:3.10.110:::::::*
cpe:2.3:a:icewarp:webmail_server:4.4.2:::::::*
cpe:2.3:a:icewarp:email_server:2.10.150:::::::*
cpe:2.3:a:icewarp:email_server:3.00.100:::::::*
cpe:2.3:a:icewarp:webmail_server:5.1.3:::::::*
cpe:2.3:a:icewarp:email_server:7.0.1:::::::*
cpe:2.3:a:icewarp:email_server:5.8.6:::::::*
cpe:2.3:a:icewarp:email_server:6.2.1:::::::*
cpe:2.3:a:icewarp:email_server:7.6.0:::::::*
cpe:2.3:a:icewarp:email_server:5.8.5:::::::*
cpe:2.3:a:icewarp:email_server:8.5.0:::::::*
cpe:2.3:a:icewarp:email_server:8.3.8:::::::*
cpe:2.3:a:icewarp:email_server:5.1.5:::::::*
cpe:2.3:a:icewarp:email_server:5.5.4:::::::*
cpe:2.3:a:icewarp:email_server:5.5.3:::::::*
cpe:2.3:a:icewarp:email_server:7.5.2:::::::*

Information

Published : 2009-05-05 13:30

Updated : 2018-10-10 12:37

NVD link : CVE-2009-1468

Mitre link : CVE-2009-1468

JSON object : View

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Products Affected

icewarp

email_server
webmail_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-003", "name": "http://www.redteam-pentesting.de/advisories/rt-sa-2009-003", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/34820", "name": "34820", "tags": ["Exploit"], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1022169", "name": "1022169", "tags": [], "refsource": "SECTRACK"}, {"url": "http://osvdb.org/54228", "name": "54228", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2009/1253", "name": "ADV-2009-1253", "tags": [], "refsource": "VUPEN"}, {"url": "http://www.securityfocus.com/archive/1/503226/100/0/threaded", "name": "20090505 [RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple SQL injection vulnerabilities in the search form in server/webmail.php in the Groupware component in IceWarp eMail Server and WebMail Server before 9.4.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) sql and (2) order_by elements in an XML search query."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-89"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-1468", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2009-05-05T20:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.210:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.220:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.320:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.330:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:3.00.140:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.170:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:3.10.011:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:4.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:4.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:6.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.115:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:4.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:3.00.140:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:9.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.110:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:3.00.130:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "9.3.0"}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.331:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.330:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.220:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:4.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.240:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:3.10.011:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:4.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.5.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:3.00.130:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.310:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.320:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.280:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.105:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:4.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.200:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:3.00.120:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.5.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.210:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:6.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.5.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.290:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:3.00.120:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.200:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:9.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:6.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:3.00.110:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:4.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:9.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:3.00.110:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:4.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:9.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.340:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.8.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.9.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:4.10.040:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:4.10.040:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:4.10.050:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.360:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.1.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.9.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.250:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.140:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.150:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:6.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.165:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.6.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.360:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.105:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.170:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:9.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.250:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:3.10.110:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:6.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.280:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.240:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:6.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.290:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:3.00.100:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:4.00.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.190:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.140:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:6.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:4.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.331:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.190:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.310:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:9.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.110:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.350:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.165:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:7.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.260:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.350:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:4.10.050:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.5.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "9.3.0"}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.115:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.340:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:6.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:2.10.260:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:4.00.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:8.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:3.10.110:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:4.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:2.10.150:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:3.00.100:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:webmail_server:5.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.8.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:6.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.8.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:8.3.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:5.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:icewarp:email_server:7.5.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-10T19:37Z"}

6.5 /10