CVE-2019-19783 — Improper Privilege Management in Imap
Severity
NVD: 6.5 MEDIUM
OSV: 9.8
EPSS: 1.3% (top 20.39%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Dec 16
Latest update: May 24
Description
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. If sieve script uploading is allowed (3.x) or certain non-default sieve options are enabled (2.x), a user with a mail account on the service can use a sieve script containing a fileinto directive to create any mailbox with administrator privileges, because of folder mishandling in autosieve_createfolder() in imap/lmtp_sieve.c.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Exploitability: 2.8 | Impact: 3.6
Affected packages: 1 package
Also affects: Debian Linux 10.0, 9.0, Fedora 30, 31, Ubuntu Linux 18.04
Patches
Bugzilla (2019-12-27): CVE-2019-19783 cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks [fedora-all]
Bugzilla (2019-12-27): CVE-2019-19783 cyrus-imapd: lmtpd component created mailboxes with administrator privileges if the "fileinto" was used, bypassing ACL checks