Cleartext Password Exposure in SMTP Authentication

Cleartext Password Exposure in SMTP Authentication

CVE-2023-27927 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials.

Learn more about our User Device Pen Test.