Vulnerability Name: CVE-2021-29157 (CCN-204481)

Assigned: 2021-06-28
Published: 2021-06-28
Updated: 2021-09-20
Summary: Dovecot before 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.
CVSS v3 Severity: 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): None
Availability (A): None
6.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L)
6.0 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): High
Integrity (I): High
Availability (A): Low
CVSS v2 Severity: 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
5.9 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:P)
Exploitability Metrics: Access Vector (AV): Local
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Partial
Vulnerability Type: CWE-22
Vulnerability Consequences: Bypass Security
References:
Source: MITRE
Type: CNA
CVE-2021-29157

Source: MISC
Type: Vendor Advisory
https://dovecot.org/security

Source: XF
Type: UNKNOWN
dovecot-cve202129157-sec-bypass(204481)

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-208340a217

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-891c1ab1ac

Source: CCN
Type: oss-sec Mailing List, Mon, 28 Jun 2021 09:58:23 +0300
CVE-2021-29157: Dovecot oauth2 JWT local validation path traversal

Source: GENTOO
Type: Third Party Advisory
GLSA-202107-41

Source: CCN
Type: Dovecot Web site
Dovecot

Source: CONFIRM
Type: Mailing List, Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/06/28/1

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-29157

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:dovecot:dovecot:*:*:*:*:*:*:*:* (Version >= 2.3.11 and < 2.3.14.1)

Configuration 2:
  • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
  • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:dovecot:dovecot:-:*:*:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions

Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:8049 | P | pam-devel-32bit-1.3.0-150000.6.61.1 on GA media (Moderate) | 2023-06-20
oval:org.opensuse.security:def:7986 | P | ant-1.10.12-150200.4.12.5 on GA media (Moderate) | 2023-06-20
oval:org.opensuse.security:def:8038 | P | log4j12-javadoc-1.2.17-4.9.1 on GA media (Moderate) | 2023-06-20
oval:org.opensuse.security:def:7970 | P | libxkbregistry-devel-1.3.0-150400.1.13 on GA media (Moderate) | 2023-06-12
oval:org.opensuse.security:def:3473 | P | dnsmasq-2.78-18.9.1 on GA media (Moderate) | 2022-06-28
oval:org.opensuse.security:def:95103 | P | dovecot23-2.3.15-58.3 on GA media (Moderate) | 2022-06-22
oval:org.opensuse.security:def:93132 | P | (Important) | 2022-05-03
oval:org.opensuse.security:def:99731 | P | (Important) | 2022-04-12
oval:org.opensuse.security:def:99487 | P | (Moderate) | 2022-02-18
oval:org.opensuse.security:def:112172 | P | dovecot23-2.3.16-1.6 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:99686 | P | (Moderate) | 2021-10-20
oval:org.opensuse.security:def:105704 | P | dovecot23-2.3.16-1.6 on GA media (Moderate) | 2021-10-01
oval:org.opensuse.security:def:99994 | P | (Critical) | 2021-09-20
oval:org.opensuse.security:def:111042 | P | Security update for dovecot23 (Moderate) | 2021-09-04
oval:org.opensuse.security:def:99139 | P | (Important) | 2021-09-02
oval:org.opensuse.security:def:91994 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:111696 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:69075 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:98944 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:8833 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:92383 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:69531 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:99333 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:9391 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:92781 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:1626 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:69922 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:9782 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:118519 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:70473 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:102757 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:10333 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:96067 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:8645 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:92189 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:69138 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:9028 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:92582 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:102202 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:69723 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:99532 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:9583 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:92979 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:109423 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:70285 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:100041 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:10145 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:93285 | P | Security update for dovecot23 (Moderate) | 2021-08-31
oval:org.opensuse.security:def:111596 | P | Security update for dovecot23 (Important) | 2021-07-10
oval:org.opensuse.security:def:111462 | P | Security update for dovecot23 (Important) | 2021-06-25
oval:org.opensuse.security:def:9353 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:92736 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:1615 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:69877 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:97127 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:9737 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:93088 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:118503 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:70428 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:102741 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:10288 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:96051 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:8609 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:92146 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:97128 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:69127 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:99096 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:8985 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:92537 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:69678 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:9538 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:92935 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:109407 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:70247 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:97129 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:10107 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:93241 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:91951 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:69059 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:98901 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:8790 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:92338 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:69493 | P | Security update for dovecot23 (Important) | 2021-06-22
oval:org.opensuse.security:def:99288 | P | Security update for dovecot23 (Important) | 2021-06-22