CVE-2020-14064
MEDIUMIceWarp Email Server 12.3.0.1 - Incorrect Access Control
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-14064. PoCs published by networksecure.
AI-analyzed exploit summary This repository contains only a README.md file referencing CVE-2020-14064, an incorrect access control vulnerability in Icewarp Email Server 12.3.0.1. No exploit code or technical details are provided.
Description
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.
Exploits (1)
nomisec
WRITEUP
1 stars
by networksecure · poc
https://github.com/networksecure/CVE-2020-14064
This repository contains only a README.md file referencing CVE-2020-14064, an incorrect access control vulnerability in Icewarp Email Server 12.3.0.1. No exploit code or technical details are provided.
Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Theoretical
Reliability
Theoretical
Target:
Icewarp Email Server 12.3.0.1
No auth needed
Prerequisites:
Access to the Icewarp Email Server instance
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
References (2)
Core 2
Core References
Product, Vendor Advisory x_refsource_misc
https://www.icewarp.com/download-premise/server/
Third Party Advisory x_refsource_misc
https://github.com/networksecure/Icewarp_incorrect_access_control
Scores
CVSS v3
6.5
EPSS
0.0097
EPSS Percentile
57.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-668
Status
published
Products (1)
icewarp/mail_server
12.3.0.1
Published
Jul 15, 2020
Tracked Since
Feb 18, 2026