CVE-2021-37845
published 2023-05-29CVE-2021-37845: An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a…
PriorityP415low3.7CVSS 3.1
AVNACHPRNUINSUCLINAN
EPSS
0.66%
47.1th percentile
An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS command is only valid in non-authenticated state." in RFC2595). This potentially allows an attacker to cause a victim's e-mail messages to be stored into an attacker's IMAP mailbox, but depends on details of the victim's client behavior.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citadel | webcit | <= 932 | — |
CVSS provenance
nvdv3.13.7LOWCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
osv3.7LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CVE-2021-37845: An issue was discovered in Citadel through webcit-932
osv·2023-05-29·CVSS 3.7
CVE-2021-37845 [LOW] CVE-2021-37845: An issue was discovered in Citadel through webcit-932
An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS command is only valid in non-authenticated state." in RFC2595). This potentially allows an attacker to cause a victim's e-mail messages to be stored into an attacker's IMAP mailbox, but depends on details of the victim's client behavior.
GHSA
GHSA-hh3j-j42w-mrpm: An issue was discovered in Citadel through webcit-932
ghsa_unreviewed·2023-05-29
CVE-2021-37845 [LOW] GHSA-hh3j-j42w-mrpm: An issue was discovered in Citadel through webcit-932
An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS command is only valid in non-authenticated state." in RFC2595). This potentially allows an attacker to cause a victim's e-mail messages to be stored into an attacker's IMAP mailbox, but depends on details of the victim's client behavior.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-05-29
Published