| Vulnerability Name: | CVE-2022-30550 (CCN-230560) | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2022-07-06 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Published: | 2022-07-06 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Updated: | 2022-10-28 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Summary: | An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
5.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C)
5.9 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 6.6 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:N)
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-287 CWE-284 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Privileges | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| References: | Source: MITRE Type: CNA CVE-2022-30550 Source: MISC Type: Vendor Advisory https://dovecot.org/security Source: XF Type: UNKNOWN dovecot-cve202230550-priv-esc(230560) Source: CCN Type: Dovecot GIT Repository [PATCH 1/2] auth: Fix handling passdbs with identical driver/args but different mechanisms/username_filter Source: MLIST Type: Mailing List, Third Party Advisory [debian-lts-announce] 20220927 [SECURITY] [DLA 3122-1] dovecot security update Source: CCN Type: oss-sec Mailing List, Wed, 6 Jul 2022 16:54:47 +0300 (EEST) CVE-2022-30550: Privilege escalation possible in dovecot when similar master and non-master passdbs are used Source: MISC Type: Product https://www.dovecot.org/download/ Source: CONFIRM Type: Mailing List, Patch, Third Party Advisory https://www.openwall.com/lists/oss-security/2022/07/08/1 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration RedHat 6: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||