CVE-2020-28896 — Improper Authentication in Mutt

CWE-287 — Improper Authentication CWE-755 — Improper Handling of Exceptional Conditions CWE-319 — Cleartext Transmission of Sensitive Info CWE-522 — Insufficiently Protected Credentials9 documents7 sources

Severity

5.3MEDIUMNVD

OSV9.8

EPSS

0.1%

top 73.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mutt Neomutt Debian Linux

Timeline

PublishedNov 23

Latest updateJan 15

Description

Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials being exposed on an unencrypted connection, or to a machine-in-the-middle.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages5 packages

▶NVDneomutt/neomutt< 2020-11-20

▶Debianneomutt/neomutt< 20201120+dfsg.1-1+3

▶Ubuntuneomutt/neomutt< 20171215+dfsg.1-1ubuntu0.1~esm1+3

▶NVDmutt/mutt< 2.0.2

▶Debianmutt/mutt< 2.0.2-1+3

Also affects: Debian Linux 9.0

Patches

Patch: github.com ↗Patch: gitlab.com ↗Patch: gitlab.com ↗

🔴Vulnerability Details

OSV

neomutt vulnerabilities↗2025-01-15

▶

GHSA

GHSA-346p-qx4x-g348: Mutt before 2↗2022-05-24

▶

OSV

CVE-2020-28896: Mutt before 2↗2020-11-23

▶

CVEList

CVE-2020-28896: Mutt before 2↗2020-11-23

▶

📋Vendor Advisories

Ubuntu

NeoMutt vulnerabilities↗2025-01-15

▶

Ubuntu

Mutt vulnerability↗2020-11-25

▶

Red Hat

mutt: Incorrect handling of invalid initial IMAP responses could lead to an authentication attempt over unencrypted connection↗2020-11-20

▶

Debian

CVE-2020-28896: mutt - Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_t...↗2020

▶