SMTP Server Spoofing Vulnerability in Trojita

SMTP Server Spoofing Vulnerability in Trojita

CVE-2020-15047 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.

Learn more about our Cis Benchmark Audit For Server Software.