CVE-2017-16651

Опубликовано: 09 нояб. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Средний

Описание

Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. The attacker must be able to authenticate at the target system with a valid username/password as the attack requires an active session. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests.

Ссылки

http://packetstormsecurity.com/files/161226/Roundcube-Webmail-1.2-File-Disclosure.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/101793
Third Party Advisory
VDB Entry
https://github.com/roundcube/roundcubemail/issues/6026
Issue Tracking
Patch
Third Party Advisory
https://github.com/roundcube/roundcubemail/releases/tag/1.1.10
Issue Tracking
Release Notes
Third Party Advisory
https://github.com/roundcube/roundcubemail/releases/tag/1.2.7
Issue Tracking
Release Notes
Third Party Advisory
https://github.com/roundcube/roundcubemail/releases/tag/1.3.3
Issue Tracking
Release Notes
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00039.html
Mailing List
Third Party Advisory
https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10
Issue Tracking
Vendor Advisory
https://www.debian.org/security/2017/dsa-4030
Issue Tracking
Third Party Advisory
http://packetstormsecurity.com/files/161226/Roundcube-Webmail-1.2-File-Disclosure.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/101793
Third Party Advisory
VDB Entry
https://github.com/roundcube/roundcubemail/issues/6026
Issue Tracking
Patch
Third Party Advisory
https://github.com/roundcube/roundcubemail/releases/tag/1.1.10
Issue Tracking
Release Notes
Third Party Advisory
https://github.com/roundcube/roundcubemail/releases/tag/1.2.7
Issue Tracking
Release Notes
Third Party Advisory
https://github.com/roundcube/roundcubemail/releases/tag/1.3.3
Issue Tracking
Release Notes
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00039.html
Mailing List
Third Party Advisory
https://roundcube.net/news/2017/11/08/security-updates-1.3.3-1.2.7-and-1.1.10
Issue Tracking
Vendor Advisory
https://www.debian.org/security/2017/dsa-4030
Issue Tracking
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-16651

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*

Версия до 1.1.9 (включая)

cpe:2.3:a:roundcube:webmail:1.2.0:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.2.5:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.2.6:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.3.0:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:roundcube:webmail:1.3.2:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.30221

Средний

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-552

Связанные уязвимости

CVE-2017-16651

CVSS3: 7.8

ubuntu

около 8 лет назад

CVE-2017-16651

CVSS3: 7.8

debian

около 8 лет назад

Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before ...

GHSA-6r67-r3jm-88p4

CVSS3: 7.8

github

больше 3 лет назад

BDU:2021-05957

CVSS3: 7.8

fstec

больше 8 лет назад

Уязвимость почтового клиента RoundCube Webmail, связанная с использованием файлов и каталогов, доступных внешним сторонам, позволяющая нарушителю получить несанкционированный доступ к произвольным файлам в файловой системе хоста

EPSS

Процентиль: 97%

0.30221

Средний

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-552