VDB
CVE-2024-55196
CVE-2024-55196
PUBLISHED
CVSS 7.5 HIGH
Insufficiently Protected Credentials in the Mail Server Configuration in GoPhish v0.12.1 allows an attacker to access cleartext passwords for the configured IMAP and SMTP servers.
EPSS 0.06% · 18.5th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.06%
18.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a, * |
| github.com | gophish/gophish | 0, 0 |
Exploit Intelligence
- CIRCL seen: CVE-2024-55196 (circl-sighting)
- CIRCL seen: CVE-2024-55196 (circl-sighting)
- CIRCL seen: CVE-2024-55196 (circl-sighting)
- CIRCL seen: CVE-2024-55196 (circl-sighting)
- https://github.com/hexkaster/SecurityResearch/blob/main/CVE-2024-55196.md (circl)
Timeline
- Dec 19, 2024 CVE Published
- Dec 19, 2024 PoC Published
- Dec 19, 2024 PoC Published
- Dec 20, 2024 EPSS Score
- Jan 5, 2025 EPSS Score
- Jan 20, 2025 Coalition ESS Score
- Jan 22, 2025 EPSS Score
- Feb 7, 2025 EPSS Score
- Feb 24, 2025 EPSS Score
- Mar 12, 2025 EPSS Score
- Mar 28, 2025 EPSS Score
- Apr 14, 2025 EPSS Score