Unrated severityNVD Advisory· Published Dec 31, 2001· Updated Apr 16, 2026

CVE-2001-1211

Description

Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the administrator for the target domain.

Affected products

Ipswitch, Inc./Imail8 versions
cpe:2.3:a:ipswitch:imail:6.1:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:ipswitch:imail:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:7.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ipswitch:imail:7.0.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.iss.net/security_center/static/7752.phpnvdVendor Advisory
www.securityfocus.com/archive/1/247786nvdVendor Advisory
www.securityfocus.com/bid/3766nvdVendor Advisory
support.ipswitch.com/kb/IM-20011219-DM01.htmnvd
support.ipswitch.com/kb/IM-20020301-DM02.htmnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000