CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22398
https://notcve.org/view.php?id=CVE-2024-22398
An improper Limitation of a Pathname to a Restricted Directory (Path Traversal) vulnerability in SonicWall Email Security Appliance could allow a remote attacker with administrative privileges to conduct a directory traversal attack and delete arbitrary files from the appliance file system. Una vulnerabilidad de limitación inadecuada de un nombre de ruta a un directorio restringido (Path Traversal) en SonicWall Email Security Appliance podría permitir que un atacante remoto con privilegios administrativos lleve a cabo un ataque directory traversal y elimine archivos arbitrarios del sistema de archivos del dispositivo. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0006 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36519
https://notcve.org/view.php?id=CVE-2020-36519
Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. (The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs.) Mimecast Email Security versiones anteriores a 10-01-2020 permite a cualquier administrador falsificar cualquier dominio y pasar la alineación DMARC por medio de SPF. Esto ocurre por el uso inapropiado de la funcionalidad address rewrite. • https://wesleyk.me/2020/01/10/my-first-vulnerability-mimecast-sender-address-verification •