#VU17374 Authentication bypass in Dovecot - CVE-2019-3814
Published: February 5, 2019
Vulnerability identifier: #VU17374
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:P/U:Green
CVE-ID: CVE-2019-3814
CWE-ID: CWE-592
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Dovecot
Software vendor:
Dovecot
Description
The vulnerability allows a remote attacker who holds a trusted client certificate to bypass password verification and log in as any user.
The weakness exists in installations configured to take the username from the client's SSL certificate (auth_ssl_username_from_cert = yes together with auth_ssl_require_client_cert = yes). When the presented certificate is trusted but lacks the subject field named by ssl_cert_username_field (commonName by default), Dovecot falls back to the username supplied in the authentication exchange (e.g. the IMAP LOGIN command) while still skipping password verification. A remote attacker with access to a valid trusted certificate that is missing the username field can therefore log in as anyone else on the system. Since commonName is present in nearly every certificate, exploitation requires a client CA that issues certificates without the configured field, which is why the risk is rated Medium.
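The decision logic behind this advisory, modelled in Python as an added example (this is not Dovecot's code). It follows the advisory's description: with auth_ssl_require_client_cert = yes and auth_ssl_username_from_cert = yes, a trusted client certificate supplies the username from the field named by ssl_cert_username_field and stands in for the password; the vulnerable variant falls back to the client-supplied LOGIN username when that field is missing, the fixed variant rejects the login. Certificates use the dict layout returned by Python's ssl.SSLSocket.getpeercert(); the two certificates and the password table are constructed for the example, and the passdb step is reduced to a plaintext lookup.

```python
"""Model of the authentication decision behind CVE-2019-3814.

Added example, not Dovecot's code. It reproduces the behaviour the advisory
describes for installations running with

    auth_ssl_require_client_cert = yes
    auth_ssl_username_from_cert  = yes

where the client has already presented a certificate that chains to a trusted
CA. Certificates use the dict shape returned by ssl.SSLSocket.getpeercert(),
so cert_username() also works on a live TLS socket. The certificates and the
password table below are constructed for the example.
"""
from typing import Optional

# Constructed passdb: username -> password (plaintext only to keep the model short).
PASSDB = {"alice": "correct horse battery", "admin": "s3cret"}

# Constructed client certificates, as ssl.SSLSocket.getpeercert() would return them.
CERT_WITH_CN = {
    "subject": ((("organizationName", "Example Corp"),), (("commonName", "alice"),)),
    "issuer": ((("commonName", "Example Client CA"),),),
    "serialNumber": "01",
}
CERT_WITHOUT_CN = {
    # Valid and trusted, but the subject carries only O and emailAddress: no commonName.
    "subject": ((("organizationName", "Example Corp"),),
                (("emailAddress", "someone@example.com"),)),
    "issuer": ((("commonName", "Example Client CA"),),),
    "serialNumber": "02",
}


def cert_username(peercert: dict, field: str = "commonName") -> Optional[str]:
    """Return the subject attribute named by `field`, or None if the cert lacks it.

    `field` plays the role of Dovecot's ssl_cert_username_field (default commonName).
    """
    for rdn in peercert.get("subject", ()):
        for attr_type, value in rdn:
            if attr_type == field and value:
                return value
    return None


def verify_plain(user: str, password: str) -> bool:
    """Ordinary passdb check, used when the username does not come from the cert."""
    return PASSDB.get(user) == password


def authenticate(peercert: Optional[dict], login_user: str, login_password: str,
                 *, username_from_cert: bool, fixed: bool,
                 field: str = "commonName") -> Optional[str]:
    """Return the username the session is granted, or None if the login is rejected.

    peercert is None when no trusted client certificate was presented.
    username_from_cert models auth_ssl_username_from_cert; fixed selects the
    2.2.36.1 / 2.3.4.1 behaviour instead of the vulnerable one.
    """
    if peercert is None:
        # auth_ssl_require_client_cert = yes: no trusted certificate, no login.
        return None

    if not username_from_cert:
        # The certificate is only an extra requirement; identity still comes from
        # the LOGIN/PLAIN credentials and the password is verified as usual.
        return login_user if verify_plain(login_user, login_password) else None

    user = cert_username(peercert, field)
    if user is not None:
        # Identity is taken from the certificate: the client-supplied username is
        # overridden and the trusted certificate stands in for the password.
        return user

    if fixed:
        # Trusted certificate without the username field: fail closed.
        return None

    # Vulnerable behaviour: fall back to the client-supplied username while still
    # treating the session as certificate-authenticated, so login_password is never
    # checked. Any trusted certificate without a commonName logs in as anyone.
    return login_user


if __name__ == "__main__":
    for label, fixed in (("vulnerable", False), ("fixed", True)):
        got = authenticate(CERT_WITHOUT_CN, "admin", "not the password",
                           username_from_cert=True, fixed=fixed)
        print(f"{label:10s} trusted cert without CN, LOGIN admin -> {got!r}")
```

Running the module shows the two outcomes for a trusted certificate without a commonName combined with a LOGIN for admin: the vulnerable variant grants admin, the fixed one rejects. The same cert_username() helper, pointed at the certificates your client CA actually issues, tells you whether the precondition for exploitation (a trusted certificate lacking the configured field) exists in your deployment.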
Remediation
The vulnerability has been addressed in Dovecot 2.2.36.1 and 2.3.4.1; update to one of these versions or later.