cPanel SMTP Password Leak Cleartext Credential Disclosure
CVE-2023-27927 Published on March 27, 2023

CVE-2023-27927
An authenticated malicious user could acquire the simple mail transfer protocol (SMTP) Password in cleartext format, despite it being protected and hidden behind asterisks. The attacker could then perform further attacks using the SMTP credentials.

NVD

Vulnerability Analysis

CVE-2023-27927 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

NONE

Products Associated with CVE-2023-27927

stack.watch emails you whenever new vulnerabilities are published in Sauter Controls Ey As525f001 Firmware or cPanel. Just hit a watch button to start following.

Sauter Controls Ey As525f001 Firmware

cPanel

Affected Versions

SAUTER EY-AS525F001 with moduWeb Version all versions is affected by CVE-2023-27927

Exploit Probability

EPSS

0.09%

Percentile

25.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

cPanel SMTP Password Leak Cleartext Credential DisclosureCVE-2023-27927 Published on March 27, 2023

Vulnerability Analysis

Products Associated with CVE-2023-27927

Affected Versions

Exploit Probability

cPanel SMTP Password Leak Cleartext Credential Disclosure
CVE-2023-27927 Published on March 27, 2023