What the vulnerability does
01Description
Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege Escalation.This issue affects Bit SMTP: from n/a through <= 1.2.2.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
What the vulnerability does
Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege Escalation.This issue affects Bit SMTP: from n/a through <= 1.2.2.
Explanation of Vulnerability in Simple Terms
Bit SMTP versions up to 1.2.2 contain a vulnerability that allows an attacker to read sensitive data, modify site content, or disrupt service availability. The attack requires network access and high technical complexity but does not require authentication or user interaction. The vulnerability affects the entire system scope, making it a critical risk for any site using this component.
What an attacker can do
Read sensitive data, modify site content, or disrupt service availability without authentication.
Potential impact on your site
Attackers can compromise confidentiality, integrity, and availability of your site without needing valid credentials.
Conditions required to exploit
Network access and high technical complexity to exploit; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities