heise PlusAbo
Anzeige

Security patches: Various attacks on SmarterMail possible

The email and collaboration server SmarterMail is vulnerable. The developers have closed several security gaps.

listen Print view
A woman presses a symbolic update button.

(Image: Alfa Photo/Shutterstock.com)

1 min. read
Security
By

In the current version of SmarterTools SmarterMail, the developers have resolved a total of eight security issues. Attackers can target instances with DoS attacks, for example, or even view access credentials.

This is according to the changelog for the current release, SmarterMail Build 9575. The descriptions of the vulnerabilities are extremely brief, and there are no CVE numbers.

According to the available information, the developers have resolved vulnerabilities in authentication in the context of 2FA endpoints and SMTP, among others. Furthermore, they state that they have more effectively secured access credentials and reduced the attack surface for DoS attacks.

The CERT Bund emergency team at the BSI classifies the security risk as "high".

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten