cvedb.io
CVE-2016-7142
MEDIUM · CVSS 5.9
EPSS exploitation probability: 0%
Published 2016-09-26T15:59:03.267 · Last modified 2026-06-17T00:52:40.380

Summary

The m_sasl module in InspIRCd before 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message.

Affected products

inspircd — inspircd

Does this affect you?

Add your gear to cvedb and we'll alert you only when inspircd ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.