Authentication bypass in Dovecot - CVE-2019-3814

Published: February 5, 2019


Vulnerability identifier: #VU17374
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:P/U:Green
CVE-ID: CVE-2019-3814
CWE-ID: CWE-592
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Dovecot
Affected software:
Dovecot

Detailed vulnerability description

The vulnerability allows a remote authenticated attacker to bypass authentication.

The weakness exists because Dovecot takes the username from the user-provided authentication fields (e.g. the LOGIN command) when the presented trusted SSL client certificate lacks the ssl_cert_username_field. A remote attacker in possession of a valid trusted certificate that is missing that username field can therefore bypass password verification and log in as any other user on the system.

How to mitigate CVE-2019-3814

The vulnerability has been addressed in versions 2.2.36.1 and 2.3.4.1.
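As an added illustration (not Dovecot's own code), the following Python models the username-selection step the advisory describes, with the vulnerable fallback beside the fixed behaviour, and checks an installed Dovecot version against the fixed releases named above. The certificate fields and version strings are constructed sample values, and `commonName` is assumed as the configured ssl_cert_username_field.

```python
"""Model of the CVE-2019-3814 username-selection bug plus a version check.

Added example, not Dovecot code: it models the decision made when the
username is taken from a trusted client certificate, and checks whether
an installed version predates the fixed releases named in the advisory.
"""
from typing import Optional


def username_from_cert(cert_fields: dict, field: str, login_user: str,
                       fixed: bool) -> Optional[str]:
    """Return the username the login is treated as, or None to reject it.

    cert_fields: subject fields of the trusted client certificate (constructed)
    field:       the ssl_cert_username_field setting, e.g. "commonName"
    login_user:  username supplied in the LOGIN command
    fixed:       True for the patched behaviour (2.2.36.1 / 2.3.4.1 and later)
    """
    if field in cert_fields:
        return cert_fields[field]   # username comes from the certificate
    if fixed:
        return None                 # field missing: reject instead of trusting input
    # Vulnerable fallback: the client-supplied name is accepted, and password
    # verification is skipped because a trusted certificate was presented.
    return login_user


def parse_version(version: str) -> tuple:
    """Turn a dotted Dovecot version string into a comparable tuple."""
    return tuple(int(part) for part in version.split("."))


# Fixed releases per branch, as stated in the advisory (major, minor) -> version.
FIXED_RELEASES = {(2, 2): (2, 2, 36, 1), (2, 3): (2, 3, 4, 1)}


def is_vulnerable(version: str) -> Optional[bool]:
    """True if the version predates the fix on its branch; None if the branch
    is not listed in the advisory and no statement can be made."""
    ver = parse_version(version)
    fixed = FIXED_RELEASES.get(ver[:2])
    if fixed is None:
        return None
    return ver < fixed
```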

Sources