CVE-2020-14064

MEDIUM

IceWarp Email Server 12.3.0.1 - Incorrect Access Control

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-14064. PoCs published by networksecure.

AI-analyzed exploit summary This repository contains only a README.md file referencing CVE-2020-14064, an incorrect access control vulnerability in Icewarp Email Server 12.3.0.1. No exploit code or technical details are provided.

Description

IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.

Exploits (1)

nomisec WRITEUP 1 stars
by networksecure · poc
https://github.com/networksecure/CVE-2020-14064

This repository contains only a README.md file referencing CVE-2020-14064, an incorrect access control vulnerability in Icewarp Email Server 12.3.0.1. No exploit code or technical details are provided.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Theoretical
Reliability
Theoretical
Target: Icewarp Email Server 12.3.0.1
No auth needed
Prerequisites: Access to the Icewarp Email Server instance
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Product, Vendor Advisory x_refsource_misc
https://www.icewarp.com/download-premise/server/

Scores

CVSS v3 6.5
EPSS 0.0097
EPSS Percentile 57.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-668
Status published
Products (1)
icewarp/mail_server 12.3.0.1
Published Jul 15, 2020
Tracked Since Feb 18, 2026