Vulnerability Name: CVE-2021-33515 (CCN-204210)

Assigned: 2021-06-18
Published: 2021-06-18
Updated: 2022-09-28
Summary: The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp. Sensitive information can be redirected to an attacker-controlled address.

CVSS v3 Severity:
  4.8 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)
  4.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): High
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): None

  4.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)
  3.7 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): High
    Privileges Required (PR): Low
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): None

  4.2 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N)
  3.7 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)
  Exploitability Metrics:
    Attack Vector (AV): Network
    Attack Complexity (AC): High
    Privileges Required (PR): Low
    User Interaction (UI): None
  Scope:
    Scope (S): Unchanged
  Impact Metrics:
    Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): None

CVSS v2 Severity:
  5.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): Medium
    Authentication (Au): None
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): Partial
    Availability (A): None

  3.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:N)
  Exploitability Metrics:
    Access Vector (AV): Network
    Access Complexity (AC): High
    Authentication (Au): Single_Instance
  Impact Metrics:
    Confidentiality (C): Partial
    Integrity (I): Partial
    Availability (A): None

Vulnerability Type: CWE-77
Vulnerability Consequences: Gain Access
References:

Source: MITRE
Type: CNA
CVE-2021-33515

Source: CCN
Type: Red Hat Bugzilla - Bug 1973610
CVE-2021-33515 dovecot: plaintext commands injection

Source: MISC
Type: Vendor Advisory
https://dovecot.org/security

Source: XF
Type: UNKNOWN
dovecot-cve202133515-cmd-exec(204210)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20220927 [SECURITY] [DLA 3122-1] dovecot security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-208340a217

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-891c1ab1ac

Source: GENTOO
Type: Third Party Advisory
GLSA-202107-41

Source: CCN
Type: Dovecot Web site
Dovecot

Source: CONFIRM
Type: Mailing List, Third Party Advisory
https://www.openwall.com/lists/oss-security/2021/06/28/2

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-33515

Vulnerable Configuration:

  Configuration 1:
    • cpe:/a:dovecot:dovecot:*:*:*:*:*:*:*:* (Version < 2.3.14.1)

  Configuration 2:
    • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*
    • OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

  Configuration 3:
    • cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

  Configuration RedHat 1:
    • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

  Configuration RedHat 2:
    • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

  Configuration RedHat 3:
    • cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

  Configuration CCN 1:
    • cpe:/a:dovecot:dovecot:2.3.14:-:*:*:*:*:*:*

  * Denotes that component is vulnerable
Oval Definitions

Definition ID                          | Class | Title                                                          | Last Modified
oval:org.opensuse.security:def:8038    | P     | log4j12-javadoc-1.2.17-4.9.1 on GA media (Moderate)            | 2023-06-20
oval:org.opensuse.security:def:7970    | P     | libxkbregistry-devel-1.3.0-150400.1.13 on GA media (Moderate)  | 2023-06-12
oval:org.opensuse.security:def:3473    | P     | dnsmasq-2.78-18.9.1 on GA media (Moderate)                     | 2022-06-28
oval:org.opensuse.security:def:95103   | P     | dovecot23-2.3.15-58.3 on GA media (Moderate)                   | 2022-06-22
oval:com.redhat.rhsa:def:20221950      | P     | RHSA-2022:1950: dovecot security update (Moderate)             | 2022-05-10
oval:org.opensuse.security:def:99487   | P     | (Moderate)                                                     | 2022-02-18
oval:org.opensuse.security:def:112172  | P     | dovecot23-2.3.16-1.6 on GA media (Moderate)                    | 2022-01-17
oval:org.opensuse.security:def:99686   | P     | (Moderate)                                                     | 2021-10-20
oval:org.opensuse.security:def:105704  | P     | dovecot23-2.3.16-1.6 on GA media (Moderate)                    | 2021-10-01
oval:org.opensuse.security:def:99994   | P     | (Critical)                                                     | 2021-09-20
oval:org.opensuse.security:def:111596  | P     | Security update for dovecot23 (Important)                      | 2021-07-10
oval:org.opensuse.security:def:111462  | P     | Security update for dovecot23 (Important)                      | 2021-06-25
oval:org.opensuse.security:def:69678   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:9538    | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:109407  | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:97127   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:93241   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:91951   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:69059   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:8790    | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:99288   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:92736   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:69877   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:9737    | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:102741  | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:97128   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:96051   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:92146   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:69127   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:8985    | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:92935   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:70247   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:10107   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:97129   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:98901   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:92338   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:69493   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:9353    | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:118503  | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:93088   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:70428   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:10288   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:8609    | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:1615    | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:99096   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
oval:org.opensuse.security:def:92537   | P     | Security update for dovecot23 (Important)                      | 2021-06-22
Affected Vendor / Product / Version:

Vendor         | Product      | Version
dovecot        | dovecot      | *
fedoraproject  | fedora       | 33
fedoraproject  | fedora       | 34
debian         | debian linux | 10.0
dovecot        | dovecot      | 2.3.14 -