Описание
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | released | 3.0.12-1 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | released | 2.5.10-3ubuntu1.1+esm1 |
| esm-apps/focal | released | 3.0.12-1 |
| esm-apps/jammy | released | 3.0.12-1 |
| esm-apps/noble | released | 3.0.12-1 |
| esm-infra-legacy/trusty | DNE | |
| focal | released | 3.0.12-1 |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege ...
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3