CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38084
https://notcve.org/view.php?id=CVE-2021-38084
An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session. Se ha detectado un problema en el componente POP3 de Courier Mail Server versiones anteriores a 1.1.5. Unos atacantes de tipo Meddler-in-the-middle pueden canalizar comandos después del comando POP3 STLS, inyectando comandos en texto plano en una sesión de usuario cifrada • https://sourceforge.net/p/courier/mailman/courier-imap/thread/cone.1382574216.483027.8082.1000%40monster.email-scan.com/#msg31555583 https://sourceforge.net/p/courier/mailman/message/37329216 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •