{"api_version":"1","generated_at":"2026-05-13T05:23:27+00:00","cve":"CVE-2014-7273","urls":{"html":"https://cve.report/CVE-2014-7273","api":"https://cve.report/api/cve/CVE-2014-7273.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2014-7273","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2014-7273"},"summary":{"title":"CVE-2014-7273","description":"The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate.","state":"PUBLISHED","assigner":"mitre","published_at":"2014-10-08 01:55:05","updated_at":"2026-05-06 22:30:45"},"problem_types":["CWE-310","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.8","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.debian.org/security/2014/dsa-3091","name":"http://www.debian.org/security/2014/dsa-3091","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Debian -- Security Information -- DSA-3091-1 getmail4","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://pyropus.ca/software/getmail/CHANGELOG","name":"http://pyropus.ca/software/getmail/CHANGELOG","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00029.html","name":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00029.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"openSUSE-SU-2014:1315-1: moderate: update for getmail","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://openwall.com/lists/oss-security/2014/10/07/33","name":"http://openwall.com/lists/oss-security/2014/10/07/33","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"oss-security - Re: CVE Request(s): Getmail 4","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/61229","name":"http://secunia.com/advisories/61229","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Security Advisory SA61229 - SUSE update for getmail - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2014-7273","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-7273","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.0_b10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.11","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.12","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.13","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.0.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.1.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.1.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.1.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.1.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.12.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.13.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.14.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.15.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.16.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.17.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.18.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.19.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.20.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.21.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.22.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.23.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.24.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.25.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.26.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.27.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.28.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.29.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.30.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.31.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.32.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.33.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.34.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.35.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.36.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.37.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.38.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.39.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.40.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.41.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.42.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"7273","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"getmail","cpe5":"getmail","cpe6":"4.9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T12:47:31.647Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"openSUSE-SU-2014:1315","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00029.html"},{"name":"[oss-security] 20141007 Re: CVE Request(s): Getmail 4","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://openwall.com/lists/oss-security/2014/10/07/33"},{"name":"DSA-3091","tags":["vendor-advisory","x_refsource_DEBIAN","x_transferred"],"url":"http://www.debian.org/security/2014/dsa-3091"},{"name":"61229","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/61229"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://pyropus.ca/software/getmail/CHANGELOG"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2014-04-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2014-12-09T18:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"openSUSE-SU-2014:1315","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00029.html"},{"name":"[oss-security] 20141007 Re: CVE Request(s): Getmail 4","tags":["mailing-list","x_refsource_MLIST"],"url":"http://openwall.com/lists/oss-security/2014/10/07/33"},{"name":"DSA-3091","tags":["vendor-advisory","x_refsource_DEBIAN"],"url":"http://www.debian.org/security/2014/dsa-3091"},{"name":"61229","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/61229"},{"tags":["x_refsource_CONFIRM"],"url":"http://pyropus.ca/software/getmail/CHANGELOG"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2014-7273","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"openSUSE-SU-2014:1315","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00029.html"},{"name":"[oss-security] 20141007 Re: CVE Request(s): Getmail 4","refsource":"MLIST","url":"http://openwall.com/lists/oss-security/2014/10/07/33"},{"name":"DSA-3091","refsource":"DEBIAN","url":"http://www.debian.org/security/2014/dsa-3091"},{"name":"61229","refsource":"SECUNIA","url":"http://secunia.com/advisories/61229"},{"name":"http://pyropus.ca/software/getmail/CHANGELOG","refsource":"CONFIRM","url":"http://pyropus.ca/software/getmail/CHANGELOG"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2014-7273","datePublished":"2014-10-08T01:00:00.000Z","dateReserved":"2014-10-01T00:00:00.000Z","dateUpdated":"2024-08-06T12:47:31.647Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2014-10-08 01:55:05","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["CWE-310","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0:*:*:*:*:*:*:*","matchCriteriaId":"EC9A2BA9-D5DD-44D9-9BB9-0EC4726B8575"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.0_b10:*:*:*:*:*:*:*","matchCriteriaId":"8D22BC05-E2FC-4839-A68C-9B36487F9025"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.1:*:*:*:*:*:*:*","matchCriteriaId":"5BB9C751-57B7-45D6-8090-4437A5738B64"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"2AEAC0B6-1AFC-44E9-9A99-1E1461A4F7E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.3:*:*:*:*:*:*:*","matchCriteriaId":"E006277E-F1F9-48C6-A558-6CE034FEB8E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.4:*:*:*:*:*:*:*","matchCriteriaId":"2029B8AA-D93F-4728-9D09-7A6292710E56"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.5:*:*:*:*:*:*:*","matchCriteriaId":"EA67A71D-96A0-4E94-B323-9BFF8D706555"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.6:*:*:*:*:*:*:*","matchCriteriaId":"E29D3B51-4836-495E-9F9D-BCF60C141AB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.7:*:*:*:*:*:*:*","matchCriteriaId":"D23A07F3-9AE4-43F6-86D0-CA1D1562A3F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.8:*:*:*:*:*:*:*","matchCriteriaId":"45825ACF-8D5C-4DE2-9A59-CEE3BFF32594"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.9:*:*:*:*:*:*:*","matchCriteriaId":"E4526FB1-EFC8-42FB-A914-56B570B6DE70"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.10:*:*:*:*:*:*:*","matchCriteriaId":"55930804-2994-4619-8681-B9A23D3782B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.11:*:*:*:*:*:*:*","matchCriteriaId":"2494418A-473A-4261-BC33-D24A78C3F930"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.12:*:*:*:*:*:*:*","matchCriteriaId":"1DEF7144-3C41-4435-9411-55E2E9D77FE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.0.13:*:*:*:*:*:*:*","matchCriteriaId":"1F746212-2CBA-48C4-9F8E-4D4088D581A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.1:*:*:*:*:*:*:*","matchCriteriaId":"2B258472-0299-4908-8424-D5BD7118A63A"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.1.1:*:*:*:*:*:*:*","matchCriteriaId":"150DC643-0825-4896-BB98-0579ACC6B9E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.1.2:*:*:*:*:*:*:*","matchCriteriaId":"CF2B512C-D0B1-4023-8CE4-AF72B61901F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"EDFF7A4E-7A41-44E0-B220-28E6B907FBFE"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.1.4:*:*:*:*:*:*:*","matchCriteriaId":"85D95386-FBCB-49DE-8691-4043021C8F2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.1.5:*:*:*:*:*:*:*","matchCriteriaId":"8CE4E384-4964-4E5F-A6BD-F3EF452D0033"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"353ED688-0E51-481B-AB2C-B221789BFA0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.3.0:*:*:*:*:*:*:*","matchCriteriaId":"6826172E-6B0A-4AD4-B208-D76A3EFA0ED5"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.4.0:*:*:*:*:*:*:*","matchCriteriaId":"0ED2B7B5-828D-4EF2-B261-EDD0C4C0F82A"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.5.0:*:*:*:*:*:*:*","matchCriteriaId":"FE58943D-E5D9-4B49-B1E0-4968B4C31EF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.6.0:*:*:*:*:*:*:*","matchCriteriaId":"42EF705A-6177-4892-B422-4279FFDA44FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.7.0:*:*:*:*:*:*:*","matchCriteriaId":"2E626006-6738-47D3-9B68-5E46BE707ABC"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.8.0:*:*:*:*:*:*:*","matchCriteriaId":"97417756-5B97-482E-98EF-4C830B8CA5C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.9.0:*:*:*:*:*:*:*","matchCriteriaId":"3F78B178-34E9-43C0-B6AC-4721AAAE88E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.10.0:*:*:*:*:*:*:*","matchCriteriaId":"E25C2948-FBA2-4DBC-B159-4E534582F7FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.11.0:*:*:*:*:*:*:*","matchCriteriaId":"598527D1-1C01-40E8-9136-24BF0C84CBBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.12.0:*:*:*:*:*:*:*","matchCriteriaId":"C978EC76-C765-4013-B6EE-86C8253D61FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.13.0:*:*:*:*:*:*:*","matchCriteriaId":"E59B6F58-69C6-4E7A-82EC-FD2C35E09476"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.14.0:*:*:*:*:*:*:*","matchCriteriaId":"5A7EED28-BAD6-4EF6-8EA6-298078F1532B"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.15.0:*:*:*:*:*:*:*","matchCriteriaId":"8C30D6AF-8065-4704-BD48-02906BE5AD17"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.16.0:*:*:*:*:*:*:*","matchCriteriaId":"5107BC4B-3FD2-4566-8529-BE214421A2F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.17.0:*:*:*:*:*:*:*","matchCriteriaId":"9ED8F86E-D02D-40A7-9BE1-65FB81CA7A7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.18.0:*:*:*:*:*:*:*","matchCriteriaId":"458AA23D-33BF-412C-99B8-A76E042F9F48"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.19.0:*:*:*:*:*:*:*","matchCriteriaId":"4074E219-D5D1-4CB3-BF6F-DD26C68F46AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.20.0:*:*:*:*:*:*:*","matchCriteriaId":"85B6FA09-D731-4621-8526-5BC0C52FC5B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.21.0:*:*:*:*:*:*:*","matchCriteriaId":"768F553E-BC99-407E-BD9A-5D0162102DE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.22.0:*:*:*:*:*:*:*","matchCriteriaId":"C9665553-24BF-4B89-8336-22C5627B5BB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.23.0:*:*:*:*:*:*:*","matchCriteriaId":"7B57A507-A3E2-421B-9092-910A4A4168C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.24.0:*:*:*:*:*:*:*","matchCriteriaId":"79370501-0E08-40D7-BC2F-9D88C9FFEA4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.25.0:*:*:*:*:*:*:*","matchCriteriaId":"07B46A68-C096-4B96-A9BF-7DB01743A199"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.26.0:*:*:*:*:*:*:*","matchCriteriaId":"440165D6-6AA6-48AE-B52C-F871568AEA12"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.27.0:*:*:*:*:*:*:*","matchCriteriaId":"3C932E13-E281-4D2C-AC11-873F83A8DE2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.28.0:*:*:*:*:*:*:*","matchCriteriaId":"6B9415F3-ACDF-4C3B-91C2-02D589312137"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.29.0:*:*:*:*:*:*:*","matchCriteriaId":"33867423-85F6-4948-BD5A-4964E447C4FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.30.0:*:*:*:*:*:*:*","matchCriteriaId":"19547C8A-252A-4CEE-89CF-BCB4D5683A36"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.31.0:*:*:*:*:*:*:*","matchCriteriaId":"E393D9EF-2A64-4D60-B554-E8F6535D9CA7"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.32.0:*:*:*:*:*:*:*","matchCriteriaId":"C84D3012-9F73-47BE-BC9D-54F644D5EA8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.33.0:*:*:*:*:*:*:*","matchCriteriaId":"2D00742C-1E33-4E55-8AD6-9E7D66C375EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.34.0:*:*:*:*:*:*:*","matchCriteriaId":"43618CED-404D-4D38-941B-3A40494FF239"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.35.0:*:*:*:*:*:*:*","matchCriteriaId":"A031B91A-CF73-4800-B1E2-48B7F7EDE6C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.36.0:*:*:*:*:*:*:*","matchCriteriaId":"1E4270FB-39BD-4708-B580-10B12B8B1553"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.37.0:*:*:*:*:*:*:*","matchCriteriaId":"98A0FFDC-EC5C-41D2-A3B2-FA333A35E766"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.38.0:*:*:*:*:*:*:*","matchCriteriaId":"7B80FBCC-A32A-4AD3-8DFB-FF5A30F3290C"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.39.0:*:*:*:*:*:*:*","matchCriteriaId":"7DE7E687-45FC-4A0C-BC48-18C4B1535CE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.40.0:*:*:*:*:*:*:*","matchCriteriaId":"76602CEC-3131-4C45-B967-BB5CA7B9CD20"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.41.0:*:*:*:*:*:*:*","matchCriteriaId":"A45D818B-271A-4963-9DC1-BF4561A80D89"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmail:getmail:4.42.0:*:*:*:*:*:*:*","matchCriteriaId":"31C4CFEF-D15D-4D74-B903-81763D484C4C"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2014","CveId":"7273","Ordinal":"1","Title":"CVE-2014-7273","CVE":"CVE-2014-7273","Year":"2014"},"notes":[{"CveYear":"2014","CveId":"7273","Ordinal":"1","NoteData":"The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate.","Type":"Description","Title":"CVE-2014-7273"},{"CveYear":"2014","CveId":"7273","Ordinal":"2","NoteData":"2014-10-07","Type":"Other","Title":"Published"},{"CveYear":"2014","CveId":"7273","Ordinal":"3","NoteData":"2014-12-09","Type":"Other","Title":"Modified"}]}}}