Information disclosure in Icewarp Mail_server

CVE-2011-3580

IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function.

Vulnerability class: Information Disclosure

EPSS: 0.016 (72.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References