FKIE_CVE-2018-1000072

Vulnerability from fkie_nvd - Published: 2018-03-13 15:29 - Updated: 2024-11-21 03:39
Severity
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
iRedMail version prior to commit f04b8ef contains a Insecure Permissions vulnerability in Roundcube Webmail that can result in Exfiltrate a user's password protected secret GPG key file and other important configuration files.. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in Beta: 0.9.8-BETA1, Stable: 0.9.7.
References
cve@mitre.orghttp://legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txtExploit, Mitigation, Third Party Advisory
cve@mitre.orghttps://bitbucket.org/zhb/iredmail/issues/130/multiple-security-issues-with-defaultExploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txtExploit, Mitigation, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bitbucket.org/zhb/iredmail/issues/130/multiple-security-issues-with-defaultExploit, Third Party Advisory
Impacted products
Vendor Product Version
iredmail iredmail *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:iredmail:iredmail:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C2ED0B8-F170-4804-91C2-459756405553",
              "versionEndIncluding": "0.9.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "iRedMail version prior to commit f04b8ef contains a Insecure Permissions vulnerability in Roundcube Webmail that can result in Exfiltrate a user\u0027s password protected secret GPG key file and other important configuration files.. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in Beta: 0.9.8-BETA1, Stable: 0.9.7."
    },
    {
      "lang": "es",
      "value": "iRedMail, en versiones anteriores al commit con ID f04b8ef, contiene una vulnerabilidad de permisos inseguros en Roundcube Webmail que puede resultar en el filtrado del archivo protegido por contrase\u00f1a de claves GPG secretas del usuario, as\u00ed como otros archivos importantes de configuraci\u00f3n. Este ataque parece ser explotable mediante conectividad de red. La vulnerabilidad parece haber sido solucionada en Beta:. 0.9.8-BETA1 y Stable: 0.9.7."
    }
  ],
  "id": "CVE-2018-1000072",
  "lastModified": "2024-11-21T03:39:34.443",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-13T15:29:00.377",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "http://legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://bitbucket.org/zhb/iredmail/issues/130/multiple-security-issues-with-default"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "http://legacysecuritygroup.com/cve/references/02122018-roundcube-enigma.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://bitbucket.org/zhb/iredmail/issues/130/multiple-security-issues-with-default"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.