Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2021-29157

Published: 28/06/2021 Updated: 07/11/2023
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Dovecot

Vulnerability Summary

Dovecot prior to 2.3.15 allows ../ Path Traversal. An attacker with access to the local filesystem can trick OAuth2 authentication into using an HS256 validation key from an attacker-controlled location. This occurs during use of local JWT validation with the posix fs driver.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dovecot dovecot

fedoraproject fedora 33

fedoraproject fedora 34

Vendor Advisories

Debian CVElist Bug Report Logs: dovecot: CVE-2021-33515 CVE-2021-29157 CVE-2020-28200
Debian Bug report logs - #990566 dovecot: CVE-2021-33515 CVE-2021-29157 CVE-2020-28200 Package: src:dovecot; Maintainer for src:dovecot is Dovecot Maintainers <dovecot@packagesdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Fri, 2 Jul 2021 08:45:02 UTC Severity: grave Tags: security, upstream F ...
Red Hat: CVE-2021-29157
No description is available for this CVE ...
Arch Linux Issues:
Dovecot before version 23141 does not correctly escape kid and azp fields in JWT tokens This may be used to supply attacker controlled keys to validate tokens in some configurations The attack requires an attacker to be able to write files to the local disk As a result, a local attacker can login as any user and access their emails ...

Mailing Lists

Full Disclosure: CVE-2021-29157: Dovecot oauth2 JWT local validation path traversal
<!--X-Body-Begin--> <!--X-User-Header--> oss-sec mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CVE-2021-29157: Dovecot oauth2 JWT local validation path traversal <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From ...

References

CWE-22https://dovecot.org/securityhttps://www.openwall.com/lists/oss-security/2021/06/28/1https://security.gentoo.org/glsa/202107-41https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JB2VTJ3G2ILYWH5Y2FTY2PUHT2MD6VMI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TK424DWFO2TKJYXZ2H3XL633TYJL4GQN/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990566https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2021-29157
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook