CVE-2023-34108

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-34108
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-34108.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-34108
Aliases
  • GHSA-mhh4-qchc-pv22
Published
2023-06-07T18:15:09Z
Modified
2024-05-23T01:28:50.307322Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

mailcow is a mail server suite based on Dovecot, Postfix and other open source software, that provides a modern web UI for user/server administration. A vulnerability has been discovered in mailcow which allows an attacker to manipulate internal Dovecot variables by using specially crafted passwords during the authentication process. The issue arises from the behavior of the passwd-verify.lua script, which is responsible for verifying user passwords during login attempts. Upon a successful login, the script returns a response in the format of "password=<valid-password>", indicating the successful authentication. By crafting a password with additional key-value pairs appended to it, an attacker can manipulate the returned string and influence the internal behavior of Dovecot. For example, using the password "123 mailcryptsaveversion=0" would cause the passwd-verify.lua script to return the string "password=123 mailcryptsaveversion=0". Consequently, Dovecot will interpret this string and set the internal variables accordingly, leading to unintended consequences. This vulnerability can be exploited by an authenticated attacker who has the ability to set their own password. Successful exploitation of this vulnerability could result in unauthorized access to user accounts, bypassing security controls, or other malicious activities. This issue has been patched in version 2023-05a. Users are advised to upgrade. There are no known workarounds for this vulnerability.

References

Affected packages

Git / github.com/mailcow/mailcow-dockerized

Affected ranges

Type
GIT
Repo
https://github.com/mailcow/mailcow-dockerized
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

2022-01
2022-01a
2022-03
2022-03a
2022-04
2022-05
2022-05a
2022-05b
2022-05c
2022-05d
2022-06
2022-06a
2022-06b
2022-07
2022-07a
2022-08
2022-08a
2022-08b
2022-09
2022-09a
2022-10
2022-10a
2022-11
2022-11a
2022-11b
2022-12
2022-12a
2022-12b
2023-01
2023-01a
2023-02
2023-02a
2023-03
2023-04
2023-04a
2023-04b