QSearchQSearch

CVE-2021-38084

8.1 HIGH

An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5

Published: 2021-08-03 · Last updated: 2026-06-17

Severity and scoring

CVSS
8.1 HIGH
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
CWE-74

Affected products

VendorProduct
courier-mtacourier_mail_server

Description

An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the-middle attackers can pipeline commands after the POP3 STLS command, injecting plaintext commands into an encrypted user session.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-12223 A vulnerability was identified in Yealink SIP-T46U 108.86.0.118 (5.5 MEDIUM)
  • CVE-2026-12219 A flaw has been found in Yealink SIP-T46U 108.86.0.118 (6.3 MEDIUM)
  • CVE-2026-12206 A vulnerability was identified in Grit42 Grit up to 0.11.0 (6.3 MEDIUM)
  • CVE-2026-12197 A security flaw has been discovered in Ruijie EG105G-P 2.340 (7.2 HIGH)
  • CVE-2026-12188 A vulnerability was detected in Grit42 Grit up to 0.11.0 (6.3 MEDIUM)