| ID |
CVE-2019-11499
|
| Summary |
In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:dovecot:dovecot:2.3.3:-:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.3.3:-:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:2.3.3:rc1:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.3.3:rc1:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.3.4:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:2.3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.3.4.1:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.3.5:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:2.3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.3.5.1:*:*:*:*:*:*:*
-
cpe:2.3:a:dovecot:dovecot:2.3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:dovecot:dovecot:2.3.5.2:*:*:*:*:*:*:*
-
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
-
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
-
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
-
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 5.0 (as of 01-03-2023 - 15:20) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| refmap
via4
|
| fedora | - FEDORA-2019-1b61a528dd
- FEDORA-2019-9e004decea
| | misc | | | suse | - openSUSE-SU-2019:2278
- openSUSE-SU-2019:2281
|
|
| Last major update |
01-03-2023 - 15:20 |
| Published |
08-05-2019 - 17:29 |
| Last modified |
01-03-2023 - 15:20 |
