CVE-2019-13917 — Improper Input Validation in Exim

CWE-19 CWE-20 — Improper Input Validation10 documents8 sources

Severity

9.8CRITICALNVD

EPSS

19.9%

top 4.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Exim Debian Linux

Timeline

PublishedJul 25

Latest updateMay 24

Description

Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in some unusual configurations that use the ${sort } expansion for items that can be controlled by an attacker (e.g., $local_part or $domain).

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDexim/exim4.85 — 4.92

Also affects: Debian Linux 10.0, 9.0

Patches

Patch: exim.org ↗Patch: exim.org ↗

🔴Vulnerability Details

GHSA

GHSA-w2fj-xv79-84gh: Exim 4↗2022-05-24

▶

OSV

CVE-2019-13917: Exim 4↗2019-07-25

▶

CVEList

CVE-2019-13917: Exim 4↗2019-07-25

▶

📋Vendor Advisories

Red Hat

exim: ${sort} in configuration leads to privilege escalation↗2019-07-25

▶

Ubuntu

Exim vulnerability↗2019-07-25

▶

Debian

CVE-2019-13917: exim4 - Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution as root in...↗2019

▶

💬Community

Bugzilla

CVE-2019-13917 exim: ${sort} in configuration leads to privilege escalation [fedora-all]↗2019-07-26

▶

Bugzilla

CVE-2019-13917 exim: ${sort} in configuration leads to privilege escalation [epel-all]↗2019-07-26

▶

Bugzilla

CVE-2019-13917 exim: ${sort} in configuration leads to privilege escalation↗2019-07-19

▶