Loading
imap/nntpd.c in the NNTP server (nntpd) for Cyrus IMAPd 2.4.x before 2.4.12 allows remote attackers to bypass authentication by sending an AUTHINFO USER command without sending an additional AUTHINFO PASS command.
Use CWE-287, Cyrus vendor hub and Imapd product page to widen CVE-2011-3372 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2005-0546 and CVE-2006-2502 for nearby disclosures in the same product family.