CVE-2021-37845

EUVD-2021-24324
An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a violation of "The STARTTLS command is only valid in non-authenticated state." in RFC2595). This potentially allows an attacker to cause a victim's e-mail messages to be stored into an attacker's IMAP mailbox, but depends on details of the victim's client behavior.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA-ADPADP
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
Affected Products (NVD)
VendorProductVersion
citadelwebcit
𝑥
≤ 932
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
citadel
bionic
needs-triage
focal
needs-triage
hirsute
ignored
impish
ignored
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
needs-triage
References
http://uncensored.citadel.org/dotgoto?room=Citadel%20Security
https://nostarttls.secvuln.info/
https://uncensored.citadel.org/msg/2099264259
http://uncensored.citadel.org/dotgoto?room=Citadel%20Security
https://nostarttls.secvuln.info/
https://uncensored.citadel.org/msg/2099264259