Описание
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
Отчет
If HTTP is enabled (e.g. RSS, CalDAV), cyrus-imapd does not properly authenticate a HTTP request coming through a connection that has been previously authenticated. Usually, this is not a problem, as each user will have their own connection and a breach of security boundaries would not be possible. An exception to this rule is if the cyrus-imapd HTTP service is behind a proxy, for example a reverse caching proxy, and said proxy reuses the same connection to cyrus-imapd for multiple requests.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | cyrus-imapd | Not affected | ||
| Red Hat Enterprise Linux 6 | cyrus-imapd | Not affected | ||
| Red Hat Enterprise Linux 7 | cyrus-imapd | Not affected | ||
| Red Hat Enterprise Linux 8 | cyrus-imapd | Fixed | RHSA-2020:4655 | 04.11.2020 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.4 High
CVSS3
Связанные уязвимости
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege ...
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
EPSS
7.4 High
CVSS3