ID CVE-2021-3578
Summary A flaw was found in mbsync before v1.3.6 and v1.4.2, where an unchecked pointer cast allows a malicious or compromised server to write an arbitrary integer value past the end of a heap-allocated structure by issuing an unexpected APPENDUID response. This could be plausibly exploited for remote code execution on the client.
References
Vulnerable Configurations
  • cpe:2.3:a:mbsync_project:mysync:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mbsync_project:mysync:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mbsync_project:mysync:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:mbsync_project:mysync:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mbsync_project:mysync:*:*:*:*:*:*:*:*
    cpe:2.3:a:mbsync_project:mysync:*:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openshift_container_platform:4.7:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openshift_container_platform:4.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 01-07-2022 - 15:15)
Impact:
Exploitability:
CWE CWE-704
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
Last major update 01-07-2022 - 15:15
Published 16-02-2022 - 19:15
Last modified 01-07-2022 - 15:15
Back to Top