OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-04-27T00:00:00
Updated: 2023-08-28T19:06:14.930322
Reserved: 2020-04-27T00:00:00
Link: CVE-2020-12272
JSON object: View
NVD Information
Status : Modified
Published: 2020-04-27T14:15:11.330
Modified: 2023-11-07T03:15:20.807
Link: CVE-2020-12272
JSON object: View
Redhat Information
No data.
CWE