CVE-2019-3814 - OpenCVE

It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Canonical	Ubuntu Linux
Opensuse	Leap
Dovecot	Dovecot

Configuration 1 [-]

OR	cpe:2.3:a:dovecot:dovecot::::::::
	cpe:2.3:a:dovecot:dovecot::::::::

Configuration 2 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:18.10:::::::*

Configuration 3 [-]

cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00067.html	Mailing List Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:3467
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3814	Issue Tracking Release Notes Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLI55NGRDTGMVOPYFCPPFNPA5VKYSSY/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFZ5OWRIZGIWZJ5PTNVWWZNLLNH4XYS/
https://security.gentoo.org/glsa/201904-19
https://www.dovecot.org/list/dovecot/2019-February/114575.html	Exploit Mailing List Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2019-03-27T12:20:45

Updated: 2019-11-06T00:08:03

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3814

JSON object: View

NVD Information

Status : Modified

Published: 2019-03-27T13:29:01.337

Modified: 2023-11-07T03:10:12.627

Link: CVE-2019-3814

JSON object: View

Redhat Information

No data.

CWE

CWE-295

{"containers": {"cna": {"affected": [{"product": "dovecot", "vendor": "dovecot", "versions": [{"status": "affected", "version": "2.2.36.1"}, {"status": "affected", "version": "2.3.4.1"}]}], "descriptions": [{"lang": "en", "value": "It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-295", "description": "CWE-295", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-11-06T00:08:03", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.dovecot.org/list/dovecot/2019-February/114575.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3814"}, {"name": "openSUSE-SU-2019:1220", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00067.html"}, {"name": "GLSA-201904-19", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201904-19"}, {"name": "FEDORA-2019-9e004decea", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLI55NGRDTGMVOPYFCPPFNPA5VKYSSY/"}, {"name": "FEDORA-2019-1b61a528dd", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFZ5OWRIZGIWZJ5PTNVWWZNLLNH4XYS/"}, {"name": "RHSA-2019:3467", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3467"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2019-3814", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "dovecot", "version": {"version_data": [{"version_value": "2.2.36.1"}, {"version_value": "2.3.4.1"}]}}]}, "vendor_name": "dovecot"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users."}]}, "impact": {"cvss": [[{"vectorString": "7.7/CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-295"}]}]}, "references": {"reference_data": [{"name": "https://www.dovecot.org/list/dovecot/2019-February/114575.html", "refsource": "MISC", "url": "https://www.dovecot.org/list/dovecot/2019-February/114575.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3814", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3814"}, {"name": "openSUSE-SU-2019:1220", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00067.html"}, {"name": "GLSA-201904-19", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201904-19"}, {"name": "FEDORA-2019-9e004decea", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4XLI55NGRDTGMVOPYFCPPFNPA5VKYSSY/"}, {"name": "FEDORA-2019-1b61a528dd", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHFZ5OWRIZGIWZJ5PTNVWWZNLLNH4XYS/"}, {"name": "RHSA-2019:3467", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3467"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2019-3814", "datePublished": "2019-03-27T12:20:45", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2019-11-06T00:08:03", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7EC4FD5-8BCE-4412-B8F6-53F4DD0D6CE7", "versionEndExcluding": "2.2.36.1", "versionStartIncluding": "1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:dovecot:dovecot:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C44A57B-1823-40EE-A24F-44144C505859", "versionEndExcluding": "2.3.4.1", "versionStartIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 incorrectly handled client certificates. A remote attacker in possession of a valid certificate with an empty username field could possibly use this issue to impersonate other users."}, {"lang": "es", "value": "Se ha descubierto que Dovecot, en versiones anteriores a la 2.2.36.1 y 2.3.4.1, gestiona de manera incorrecta los certificados del cliente. Un atacante remoto en posesi\u00f3n de un certificado v\u00e1lido con un campo \"username\" vac\u00edo podr\u00eda emplear este problema para suplantar a otros usuarios."}], "id": "CVE-2019-3814", "lastModified": "2023-11-07T03:10:12.627", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.3, "impactScore": 5.8, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2019-03-27T13:29:01.337", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00067.html"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2019:3467"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Release Notes", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3814"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4XLI55NGRDTGMVOPYFCPPFNPA5VKYSSY/"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHFZ5OWRIZGIWZJ5PTNVWWZNLLNH4XYS/"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201904-19"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Mailing List", "Vendor Advisory"], "url": "https://www.dovecot.org/list/dovecot/2019-February/114575.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-295"}], "source": "secalert@redhat.com", "type": "Secondary"}]}