7.5
CVE-2018-5184
- EPSS 1.8%
- Veröffentlicht 11.06.2018 21:29:16
- Zuletzt bearbeitet 21.11.2024 04:08:17
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version7.0
Debian ≫ Debian Linux Version8.0
Debian ≫ Debian Linux Version9.0
Mozilla ≫ Thunderbird Version < 52.8.0
Mozilla ≫ Thunderbird Esr Version < 52.8.0
Canonical ≫ Ubuntu Linux Version14.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts
Canonical ≫ Ubuntu Linux Version17.10
Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts
Redhat ≫ Enterprise Linux Version6.0
Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Desktop Version7.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Server Version7.0
Redhat ≫ Enterprise Linux Server Aus Version7.6
Redhat ≫ Enterprise Linux Server Eus Version7.5
Redhat ≫ Enterprise Linux Server Eus Version7.6
Redhat ≫ Enterprise Linux Server Tus Version7.6
Redhat ≫ Enterprise Linux Workstation Version6.0
Redhat ≫ Enterprise Linux Workstation Version7.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.8% | 0.756 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-326 Inadequate Encryption Strength
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
https://security.gentoo.org/glsa/201811-13
https://access.redhat.com/errata/RHSA-2018:1725
https://access.redhat.com/errata/RHSA-2018:1726
https://lists.debian.org/debian-lts-announce/2018/05/msg00013.html
https://usn.ubuntu.com/3660-1/
https://www.debian.org/security/2018/dsa-4209
https://www.mozilla.org/security/advisories/mfsa2018-13/
http://www.securitytracker.com/id/1040946
http://www.securityfocus.com/bid/104240
https://bugzilla.mozilla.org/show_bug.cgi?id=1411592