IMAP arbitrary file retrieval

Summary
The target is running an IMAP daemon that allows an authenticated user to retrieve and manipulate files that would be available to that user via a shell. If IMAP users are denied shell access, you may consider this a vulnerability.
Solution
Contact your vendor for a fix.
References