cbcvebase.
CVE-2005-0322
published 2005-05-02

CVE-2005-0322: MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2 uses weak encryption in the (1) users.cfg, (2)…

PriorityP417high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.24%
15.0th percentile
MERAK Mail Server 7.6.0 with Icewarp Web Mail 5.3.0 and Mail Server 7.6.4r with Icewarp Mail Server 5.3.2 uses weak encryption in the (1) users.cfg, (2) settings.cfg, (3) users.dat or (4) user.dat files, which allows local users to extract the passwords.

Affected

4 ranges
VendorProductVersion rangeFixed in
icewarpweb_mail
icewarpweb_mail
merakmail_server
merakmail_server
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.