evolution-ews is vulnerable to authorization bypass. The vulnerability exists as all certificate errors ignored if configured to ignore an initial error in gnome-online-accounts creation resulting in the connection open to being viewed and modified.
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
access.redhat.com/errata/RHSA-2019:3699
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1713619
bugzilla.redhat.com/show_bug.cgi?id=1724232
bugzilla.redhat.com/show_bug.cgi?id=1724984
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3890
gitlab.gnome.org/GNOME/evolution-ews/issues/27