Lucene search

MitreCVELIST:CVE-2021-32056

HistoryMay 10, 2021 - 1:05 p.m.

CVE-2021-32056

2021-05-1013:05:40

mitre

www.cve.org

cyrus imap

authenticated users

access restrictions

replication stall

AI Score

Confidence

High

EPSS

0.001

Percentile

44.9%

JSON

Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall.

References

cyrus.topicbox.com/groups/announce/T056901c106ecfce3/cyrus-imap-3-4-1-released

cyrus.topicbox.com/groups/announce/T126392718bc29d6b/cyrus-imap-3-2-7-released

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6HEO3RURJW6NLIXS7NK5PVU6MGHC4SCM/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJZB45QBUN7CZFGOWCZYUYACNBTX7LVS/

www.cyrusimap.org/imap/download/release-notes/3.2/x/3.2.7.html

www.cyrusimap.org/imap/download/release-notes/3.4/x/3.4.1.html