go to Content

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center



Openfind Mail2000 - Broken Access Control

TVN ID TVN-202008001
Public Date 2020-08-31
Affected Products Mail2000 7.0
Description Openfind Mail2000 contains Broken Access Control vulnerability, which can be used to execute unauthorized commands after attackers obtain the administrator access token or cookie.
CVE ID CVE-2020-12776
Solution Update Patch to 091 of SP4, or contact with Openfind.
Credit Openfind technical department