CVE-2020-29548: 
SmarterTools SmarterMail vulnerability analysis and mitigation

An issue was discovered in SmarterTools SmarterMail through version 100.0.7537 that affects the POP3 protocol implementation. The vulnerability allows meddler-in-the-middle attackers to pipeline commands after a POP3 STLS command, potentially injecting plaintext commands into an encrypted user session (NVD).

The vulnerability has been assigned a CVSS v3.1 Base Score of 8.1 (HIGH) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified as CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection'). The issue specifically relates to the STARTTLS implementation in the POP3 protocol, where command injection can occur during the transition from plaintext to encrypted communication (NVD, NoStartTLS).

The vulnerability can allow attackers to inject plaintext commands into what should be an encrypted user session. This could potentially lead to the exposure of sensitive information, manipulation of email communications, and compromise of user credentials during POP3 sessions (NoStartTLS).

The vulnerability has been fixed in SmarterMail Build 7537. Users and administrators are advised to upgrade to this version or later to address the security issue. Additionally, security researchers recommend avoiding the use of STARTTLS when possible and moving to implicit TLS connections as a more secure alternative (NoStartTLS).

The vulnerability was part of a larger research project that uncovered more than 40 security flaws in STARTTLS implementations across various email clients and servers. Security researchers have recommended moving away from STARTTLS to TLS-only connections as a more secure alternative (Record Media).