DATABASE RESOURCES PRICING ABOUT US

{"id": "ASA-202105-13", "vendorId": null, "type": "archlinux", "bulletinFamily": "unix", "title": "[ASA-202105-13] opendmarc: multiple issues", "description": "Arch Linux Security Advisory ASA-202105-13\n==========================================\n\nSeverity: Medium\nDate : 2021-05-19\nCVE-ID : CVE-2019-20790 CVE-2020-12272\nPackage : opendmarc\nType : multiple issues\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1375\n\nSummary\n=======\n\nThe package opendmarc before version 1.4.1.1-1 is vulnerable to\nmultiple issues including content spoofing and authentication bypass.\n\nResolution\n==========\n\nUpgrade to 1.4.1.1-1.\n\n# pacman -Syu \"opendmarc>=1.4.1.1-1\"\n\nThe problems have been fixed upstream in version 1.4.1.1.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\n- CVE-2019-20790 (authentication bypass)\n\nOpenDMARC before 1.4.1, when used with pypolicyd-spf 2.0.2, allows\nattacks that bypass SPF and DMARC authentication in situations where\nthe HELO field is inconsistent with the MAIL FROM field.\n\n- CVE-2020-12272 (content spoofing)\n\nOpenDMARC before 1.4.1 allows attacks that inject authentication\nresults to provide false information about the domain that originated\nan e-mail message. This is caused by incorrect parsing and\ninterpretation of SPF/DKIM authentication results, as demonstrated by\nthe example.net(.example.com substring.\n\nOpenDMARC has added checking to validate that the domain element in\nboth SPF and DKIM header fields being inspected argument contains only\nvalid domain name characters. This has been fixed as of OpenDMARC 1.4.1\n(March 2021).\n\nImpact\n======\n\nA remote attacker could spoof SPF, DMARC and DKIM authentication\nresults.\n\nReferences\n==========\n\nhttps://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2019-20970\nhttps://bugs.launchpad.net/pypolicyd-spf/+bug/1838816\nhttps://sourceforge.net/p/opendmarc/tickets/235/\nhttps://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf\nhttps://github.com/trusteddomainproject/OpenDMARC/issues/49\nhttps://github.com/trusteddomainproject/OpenDMARC/issues/158\nhttps://github.com/trusteddomainproject/OpenDMARC/commit/d72e1ec0ae6ed3a9827b31be4f268fc528232371\nhttps://github.com/trusteddomainproject/OpenDMARC/commit/9c0db8c12e4488fbf948afc27d8395d0c6bb53bd\nhttps://github.com/trusteddomainproject/OpenDMARC/commit/5f980792546d11bc16dff7f875188ba81989ba33\nhttps://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2020-12272\nhttps://sourceforge.net/p/opendmarc/tickets/237/\nhttps://github.com/trusteddomainproject/OpenDMARC/commit/f3a9a9d4edfaa05102292727d021683f58aa4b6e\nhttps://security.archlinux.org/CVE-2019-20790\nhttps://security.archlinux.org/CVE-2020-12272", "published": "2021-05-19T00:00:00", "modified": "2021-05-19T00:00:00", "epss": [{"cve": "CVE-2019-20790", "epss": 0.00241, "percentile": 0.60666, "modified": "2023-05-27"}, {"cve": "CVE-2020-12272", "epss": 0.00135, "percentile": 0.47404, "modified": "2023-05-27"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://security.archlinux.org/ASA-202105-13", "reporter": "ArchLinux", "references": ["https://security.archlinux.org/AVG-1375", "https://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2019-20970", "https://bugs.launchpad.net/pypolicyd-spf/+bug/1838816", "https://sourceforge.net/p/opendmarc/tickets/235/", "https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf", "https://github.com/trusteddomainproject/OpenDMARC/issues/49", "https://github.com/trusteddomainproject/OpenDMARC/issues/158", "https://github.com/trusteddomainproject/OpenDMARC/commit/d72e1ec0ae6ed3a9827b31be4f268fc528232371", "https://github.com/trusteddomainproject/OpenDMARC/commit/9c0db8c12e4488fbf948afc27d8395d0c6bb53bd", "https://github.com/trusteddomainproject/OpenDMARC/commit/5f980792546d11bc16dff7f875188ba81989ba33", "https://github.com/trusteddomainproject/OpenDMARC/blob/develop/SECURITY/CVE-2020-12272", "https://sourceforge.net/p/opendmarc/tickets/237/", "https://github.com/trusteddomainproject/OpenDMARC/commit/f3a9a9d4edfaa05102292727d021683f58aa4b6e", "https://security.archlinux.org/CVE-2019-20790", "https://security.archlinux.org/CVE-2020-12272"], "cvelist": ["CVE-2019-20790", "CVE-2019-20970", "CVE-2020-12272"], "immutableFields": [], "lastseen": "2023-05-27T16:21:16", "viewCount": 164, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-20790", "CVE-2020-12272"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-20790", "DEBIANCVE:CVE-2020-12272"]}, {"type": "fedora", "idList": ["FEDORA:CF70D304C758", "FEDORA:DA6C1304E4BF"]}, {"type": "freebsd", "idList": ["937AA1D6-685E-11EC-A636-000C29061CE6"]}, {"type": "kitploit", "idList": ["KITPLOIT:3564516228354329644"]}, {"type": "mageia", "idList": ["MGASA-2021-0462"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2019-20790", "UB:CVE-2020-12272"]}, {"type": "veracode", "idList": ["VERACODE:30756", "VERACODE:30771"]}]}, "score": {"value": 1.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2019-20790", "CVE-2020-12272"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-20790", "DEBIANCVE:CVE-2020-12272"]}, {"type": "fedora", "idList": ["FEDORA:CF70D304C758", "FEDORA:DA6C1304E4BF"]}, {"type": "freebsd", "idList": ["937AA1D6-685E-11EC-A636-000C29061CE6"]}, {"type": "kitploit", "idList": ["KITPLOIT:3564516228354329644"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-12272"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2019-20790", "epss": 0.00241, "percentile": 0.60626, "modified": "2023-05-07"}, {"cve": "CVE-2020-12272", "epss": 0.00135, "percentile": 0.47272, "modified": "2023-05-07"}], "vulnersScore": 1.2}, "_state": {"dependencies": 1685211539, "score": 1685204742, "epss": 0}, "_internal": {"score_hash": "685eb6a5b9417d85f1d3c3548dd18672"}, "affectedPackage": [{"OS": "ArchLinux", "OSVersion": "any", "arch": "any", "packageVersion": "1.4.1.1-1", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "opendmarc"}]}

{"kitploit": [{"lastseen": "2023-05-27T15:14:54", "description": "[](<https://2.bp.blogspot.com/-7-RVRp7fEhA/Yd0JOaVxK7I/AAAAAAAA7tM/QYtEnlH6G4kZRr1nE1BS3EwwjgXHmSDEACK4BGAYYCw/s1600/espoofer_2_email-authentication-flow-769656.png>)\n\n \n\n\n_espoofer_ is an open-source testing tool to bypass SPF, DKIM, and DMARC [authentication](<https://www.kitploit.com/search/label/Authentication> \"authentication\" ) in email systems. It helps mail server [administrators](<https://www.kitploit.com/search/label/Administrators> \"administrators\" ) and penetration testers to check whether the target email server and client are vulnerable to [email spoofing](<https://www.kitploit.com/search/label/Email%20Spoofing> \"email spoofing\" ) attacks or can be abused to send spoofing emails.\n\n \n\n\n[](<https://github.com/chenjj/espoofer/blob/master/images/gmail-spoofing-demo.png> \"An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.<g-emoji alias=beers class=g-emoji fallback-src=https://github.githubassets.com/images/icons/emoji/unicode/1f37b.png>&#127867;</g-emoji> \\(4\\)\" )[](<https://2.bp.blogspot.com/-YD36219o_L0/Yd0JOUw1cuI/AAAAAAAA7tE/tuH456oXnSElLuqp0cs3tT5KOC8IarE4wCK4BGAYYCw/s1600/espoofer_1_gmail-spoofing-demo-769134.png>) \nFigure 1. A case of our spoofing attacks on Gmail (Fixed, [Demo video](<https://youtu.be/xuKZpT0rsd0> \"Demo video\" )) \n\n## Why build this tool?\n\nEmail spoofing is a big threat to both individuals and organizations ([Yahoo breach](<https://arstechnica.com/tech-policy/2017/03/fbi-hints-that-hack-of-semi-privileged-yahoo-employee-led-to-massive-breach/> \"Yahoo breach\" ), [John podesta](<https://www.cbsnews.com/news/the-phishing-email-that-hacked-the-account-of-john-podesta/> \"John podesta\" )). To address this problem, modern email services and websites employ authentication protocols -- SPF, DKIM, and DMARC -- to prevent email forgery.\n\nOur latest research shows that the implementation of those protocols suffers a number of security issues, which can be exploited to bypass SPF/DKIM/DMARC protections. Figure 1 demonstrates one of our spoofing attacks to bypass DKIM and DMARC in Gmail. For more technical details, please see our [Black Hat USA 2020 talk](<https://www.blackhat.com/us-20/briefings/schedule/#you-have-no-idea-who-sent-that-email--attacks-on-email-sender-authentication-19902> \"Black Hat USA 2020 talk\" ) (with [presentation video](<https://www.youtube.com/watch?v=ar_lVqkWcHk&list=PL--A-gWJV1dJ19SyhkzklMC3C8ra1kK5-&index=5&t=30s&ab_channel=BlackHat> \"presentation video\" )) or [USENIX security 2020 paper](<https://www.jianjunchen.com/publication/composition-kills-a-case-study-of-email-sender-authentication/> \"USENIX security 2020 paper\" ).\n\n * Black Hat USA 2020 slides (PDF): [You have No Idea Who Sent that Email: 18 Attacks on ](<http://i.blackhat.com/USA-20/Thursday/us-20-Chen-You-Have-No-Idea-Who-Sent-That-Email-18-Attacks-On-Email-Sender-Authentication.pdf> \"You have No Idea Who Sent that Email: 18 Attacks on\" )[Email Sender](<https://www.kitploit.com/search/label/Email%20Sender> \"Email Sender\" ) Authentication\n * USENIX security 2020 paper (PDF): [Composition Kills: A Case Study of Email Sender Authentication](<https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf> \"Composition Kills: A Case Study of Email Sender Authentication\" )\n * [Distinguished Paper Award Winner](<https://www.usenix.org/conference/usenixsecurity20/presentation/chen-jianjun> \"Distinguished Paper Award Winner\" )\n\nIn this repo, we summarize all test cases we found and integrate them into this tool to help administrators and security-practitioners quickly identify and locate such security issues.\n\nPlease use the following citation if you do scentific research (Click me). \n\n_Latex version:_\n \n \n @inproceedings{chen-email, \n author = {Jianjun Chen and Vern Paxson and Jian Jiang}, \n title = {Composition Kills: A Case Study of Email Sender Authentication}, \n booktitle = {29th {USENIX} Security Symposium ({USENIX} Security 20)}, \n year = {2020}, \n isbn = {978-1-939133-17-5}, \n pages = {2183--2199}, \n url = {https://www.usenix.org/conference/usenixsecurity20/presentation/chen-jianjun}, \n publisher = {{USENIX} Association}, \n month = aug, \n }\n\n_Word version:_\n\nJianjun Chen, Vern Paxson, and Jian Jiang. \"Composition kills: A case study of email sender authentication.\" In 29th USENIX Security Symposium (USENIX Security 20), pp. 2183-2199. 2020.\n\n## Installation\n\n * Download this tool\n \n \n git clone https://github.com/chenjj/espoofer \n \n\n * Install dependencies\n \n \n sudo pip3 install -r requirements.txt \n \n\n> _Python version: Python 3 (**&gt;=3.7**)._\n\n## Usage\n\nespoofer has three work modes: _server_ ('s', default mode), _client_ ('c') and _manual_ ('m'). In _server_ mode, espoofer works like a mail server to test validation in receiving services. In _client_ mode, espoofer works as an email client to test validation in sending services. _Manual_ mode is used for debug purposes.\n\n[](<https://github.com/chenjj/espoofer/blob/master/images/email-authentication-flow.png> \"An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.<g-emoji alias=beers class=g-emoji fallback-src=https://github.githubassets.com/images/icons/emoji/unicode/1f37b.png>&#127867;</g-emoji> \\(15\\)\" )[](<https://2.bp.blogspot.com/-7-RVRp7fEhA/Yd0JOaVxK7I/AAAAAAAA7tM/QYtEnlH6G4kZRr1nE1BS3EwwjgXHmSDEACK4BGAYYCw/s1600/espoofer_2_email-authentication-flow-769656.png>) \nFigure 2. Three types of attackers and their work modes \n\n#### Server mode\n\nTo run espoofer in server mode, you need to have: 1) an IP address (`1.2.3.4`), which outgoing port 25 is not blocked by the ISP, and 2) a domain (`attack.com`).\n\n 1. Domain configuration\n * Set DKIM public key for `attack.com`\n \n \n selector._domainkey.attacker.com TXT \u00a0\"v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNjwdrmp/gcbKLaGQfRZk+LJ6XOWuQXkAOa/lI1En4t4sLuWiKiL6hACqMrsKQ8XfgqN76mmx4CHWn2VqVewFh7QTvshGLywWwrAJZdQ4KTlfR/2EwAlrItndijOfr2tpZRgP0nTY6saktkhQdwrk3U0SZmG7U8L9IPj7ZwPKGvQIDAQAB\" \n \n\n * Set SPF record for `attack.com`\n \n \n attack.com TXT \"v=spf1 ip4:1.2.3.4 +all\" \n \n\n 2. Configure the tool in config.py\n \n \n config ={ \n \t\"attacker_site\": b\"attack.com\", # attack.com \n \t\"legitimate_site_address\": b\"some-email@example.com\", # legitimate.com \n \t\"victim_address\": b\"some-email@example.com\", # some-email@example.com \n \t\"case_id\": b\"server_a1\", # server_a1 \n } \n \n\nYou can list find the case_id of all test cases using `-l` option:\n \n \n python3 espoofer.py -l \n \n\n 3. Run the tool to send a spoofing email\n \n \n python3 espoofer.py \n \n\nYou can change case_id in the config.py or use `-id` option in the [command line](<https://www.kitploit.com/search/label/Command%20Line> \"command line\" ) to test different cases:\n \n \n python3 espoofer.py -id server_a1 \n \n\n#### Client mode\n\nTo run epsoofer in client mode, you need to have an account on the target email services. This attack exploits the failure of some email services to perform sufficient validation of emails received from local MUAs. For example, `some-email@example.com` tries to impersonate `some-email@example.com`. \n\n 1. Configure the tool in config.py\n \n \n config ={ \n \t\"legitimate_site_address\": b\"some-email@example.com\", \u00a0 \n \t\"victim_address\": b\"some-email@example.com\", \n \t\"case_id\": b\"client_a1\", \n \n \t\"client_mode\": { \n \t\t\"sending_server\": (\"smtp.gmail.com\", 587), \u00a0# SMTP sending serve ip and port \n \t\t\"username\": b\"some-email@example.com\", # Your account username and password \n \t\t\"password\": b\"your_passward_here\", \n \t}, \n } \n \n\nYou can list find the case_id of all test cases using `-l` option:\n \n \n python3 espoofer.py -l \n \n\n> Note: `sending_server` should be the SMTP sending server address, not the receiving server address.\n\n 2. Run the tool to send a spoofing email\n \n \n python3 espoofer.py -m c \n \n\nYou can change case_id in the config.py and run it again, or you can use `-id` option in the command line:\n \n \n python3 espoofer.py -m c -id client_a1 \n \n\n#### Manual mode\n\nHere is an example of manual mode:\n \n \n python3 espoofer.py -m m -helo attack.com -mfrom <some-email@example.com> -rcptto <some-email@example.com> -data raw_msg_here -ip 127.0.0.1 -port 25 \n \n\n### Screenshots\n\n 1. A brief overview of test cases.\n\n[](<https://github.com/chenjj/espoofer/blob/master/images/list_caseid.png> \"An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.<g-emoji alias=beers class=g-emoji fallback-src=https://github.githubassets.com/images/icons/emoji/unicode/1f37b.png>&#127867;</g-emoji> \\(17\\)\" )[](<https://2.bp.blogspot.com/-z1ciIgV2Ffg/Yd0JOo18b0I/AAAAAAAA7tU/qoKlcgQUfXMZ5mzdrrSCjwPVmA9dQiF1QCK4BGAYYCw/s1600/espoofer_3_list_caseid-770105.png>)\n\n## Bugs found with this tool\n\n * Gmail.com DMARC bypass demo video, <https://youtu.be/xuKZpT0rsd0>\n * Outlook.com DMARC bypass video, <https://youtu.be/IsWgAEbPaK0>\n * Yahoo.com DMARC bypass video, <https://youtu.be/DRepfStOruE>\n * Protonmail.com DMARC bypass video, <https://youtu.be/bh4_SoPniMA>\n * CVE-2020-12272, OpenDMARC bypass bug report, <https://sourceforge.net/p/opendmarc/tickets/237/>\n * CVE-2019-20790, OpenDMARC and pypolicyd-spf bypass bug report, <https://sourceforge.net/p/opendmarc/tickets/235/>\n * Mail.ru DMARC bypass bug report on HackerOne, <https://hackerone.com/reports/731878>\n\nWelcome to send a pull request to file your bug report here.\n\n## Q&amp;A\n\n 1. How do I know if the email has bypassed DMARC authentication successfully?\n\nYou can check it in the Authentication-results header in the raw message headers. If the header shows `dmarc=pass`, it means the email has passed the DMARC authentication. You can check some demos video [here](<https://www.youtube.com/playlist?list=PL--A-gWJV1dJ19SyhkzklMC3C8ra1kK5-> \"here\" ).\n\n 2. Why do emails fail to send?\n\nThere are several possible reasons if you fail to send an email: 1) your ISP blocks outgoing emails to port 25 to prevent spam. In this case, you need to ask for permission from the ISP; 2) the IP address is in the spam list of the target email services. In many cases, you resolve the problem here, <https://www.spamhaus.org/lookup/> ; 3) some email services check if there is a PTR record for the sending IP, you may also need to set the PTR record to bypass this check; 4) the email cannot pass the format validation of the target email service, you may want to try a different test case.\n\n 3. Why the email goes to the spam folder? Any way to avoid this?\n\nCurrently, espoofer focuses on bypassing SPF/DKIM/DMARC authentication and doesn't aim for spam filter bypass. But you could try to use a reputable sending IP address, domain, and benign message content to bypass the spam filter.\n\n 4. Why I send an email successfully but the email didn't show up in either inbox or spam folder?\n\nIn our prior experiences, some email services filter suspicious emails silently.\n\n 5. When testing server_a5/a6, why I cannot set specical characters like \"(\" in the domain?\n\nYou will need to set up your own authority DNS server, rather than use third-party DNS hosting services, as some DNS hosting services have restrictions on setting specical characters. See [issue](<https://github.com/chenjj/espoofer/issues/2#issuecomment-686918954> \"issue\" ).\n\n## Credits\n\nWelcome to add more test cases.\n\n \n \n\n\n**[Download Espoofer](<https://github.com/chenjj/espoofer> \"Download Espoofer\" )**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-01-14T20:30:00", "type": "kitploit", "title": "Espoofer - An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures", "bulletinFamily": "tools", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20790", "CVE-2020-12272"], "modified": "2022-01-14T20:30:00", "id": "KITPLOIT:3564516228354329644", "href": "http://www.kitploit.com/2022/01/espoofer-email-spoofing-testing-tool.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2023-05-27T14:49:25", "description": "OpenDMARC (Domain-based Message Authentication, Reporting & Conformance) provides an open source library that implements the DMARC verification service plus a milter-based filter application that can plug in to any milter-aware MTA, including sendmail, Postfix, or any other MTA that suppor ts the milter protocol. The DMARC sender authentication system is still a draft standard, working towards RFC status. The database schema required for some functions is provided in /usr/share/opendmarc/db. The rddmarc tools are provided in /usr/share/opendmarc/contrib/rddmarc. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-31T00:47:53", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: opendmarc-1.4.1-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20790", "CVE-2020-12272", "CVE-2020-12460"], "modified": "2021-05-31T00:47:53", "id": "FEDORA:CF70D304C758", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2D4JGHMALEJEWWG56DKR5OZB22TK7W5B/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-27T14:49:25", "description": "OpenDMARC (Domain-based Message Authentication, Reporting & Conformance) provides an open source library that implements the DMARC verification service plus a milter-based filter application that can plug in to any milter-aware MTA, including sendmail, Postfix, or any other MTA that suppor ts the milter protocol. The DMARC sender authentication system is still a draft standard, working towards RFC status. The database schema required for some functions is provided in /usr/share/opendmarc/db. The rddmarc tools are provided in /usr/share/opendmarc/contrib/rddmarc. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-31T01:05:38", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: opendmarc-1.4.1-1.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20790", "CVE-2020-12272", "CVE-2020-12460"], "modified": "2021-05-31T01:05:38", "id": "FEDORA:DA6C1304E4BF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KBOGOQOK3TIWWJV66MW5YWNRJAFFYGR5/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2023-05-27T15:00:33", "description": "OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field (CVE-2019-20790). OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring (CVE-2020-12272). OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap overflow in opendmarc_xml when parsing a specially crafted DMARC aggregate report. This can cause remote memory corruption when a '\\0' byte overwrites the heap metadata of the next chunk and its PREV_INUSE flag (CVE-2020-12460). \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-10-06T19:41:56", "type": "mageia", "title": "Updated opendmarc packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20790", "CVE-2020-12272", "CVE-2020-12460"], "modified": "2021-10-06T19:41:55", "id": "MGASA-2021-0462", "href": "https://advisories.mageia.org/MGASA-2021-0462.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2023-05-27T14:56:04", "description": "\n\nOpenDMARC releases prior to 1.4.1 are susceptible to the following\n\tvulnerabilities:\n\n(CVE-2019-16378) OpenDMARC through 1.3.2 and 1.4.x through\n\t 1.4.0-Beta1 is prone to a signature-bypass vulnerability with\n\t multiple From: addresses, which might affect applications that\n\t consider a domain name to be relevant to the origin of an e-mail\n\t message.\n(CVE-2019-20790) OpenDMARC through 1.3.2 and 1.4.x, when used\n\t with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC\n\t authentication in situations where the HELO field is inconsistent\n\t with the MAIL FROM field.\n(CVE-2020-12272) OpenDMARC through 1.3.2 and 1.4.x allows\n\t attacks that inject authentication results to provide false\n\t information about the domain that originated an e-mail\n\t message.\n(CVE-2020-12460) OpenDMARC through 1.3.2 and 1.4.x through\n\t 1.4.0-Beta1 has improper null termination in the function\n\t opendmarc_xml_parse that can result in a one-byte heap overflow in\n\t opendmarc_xml when parsing a specially crafted DMARC aggregate\n\t report. This can cause remote memory corruption.\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-04-06T00:00:00", "type": "freebsd", "title": "OpenDMARC - Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16378", "CVE-2019-20790", "CVE-2020-12272", "CVE-2020-12460"], "modified": "2021-04-06T00:00:00", "id": "937AA1D6-685E-11EC-A636-000C29061CE6", "href": "https://vuxml.freebsd.org/freebsd/937aa1d6-685e-11ec-a636-000c29061ce6.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2022-07-26T16:33:27", "description": "OpenDMARC is vulnerable to denial of service. The vulnerability exists due to the ability to inject authentication results to provide false information about the domain that originated an e-mail message. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2021-06-01T10:46:55", "type": "veracode", "title": "Privilege Escalation", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12272"], "modified": "2021-06-02T16:33:31", "id": "VERACODE:30771", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-30771/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-04-18T07:02:50", "description": "OpenDMARC is vulnerable to privilege escaltion. The vulnerability exists due to `pypolicyd-spf` allowing an attacker to bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-05-31T18:01:12", "type": "veracode", "title": "Privilege Escalation", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20790"], "modified": "2022-11-16T07:03:26", "id": "VERACODE:30756", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-30756/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2023-05-27T15:15:34", "description": "OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-04-27T14:15:00", "type": "debiancve", "title": "CVE-2020-12272", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12272"], "modified": "2020-04-27T14:15:00", "id": "DEBIANCVE:CVE-2020-12272", "href": "https://security-tracker.debian.org/tracker/CVE-2020-12272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-27T15:15:34", "description": "OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-27T14:15:00", "type": "debiancve", "title": "CVE-2019-20790", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20790"], "modified": "2020-04-27T14:15:00", "id": "DEBIANCVE:CVE-2019-20790", "href": "https://security-tracker.debian.org/tracker/CVE-2019-20790", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-05-27T14:23:54", "description": "OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-04-27T14:15:00", "type": "cve", "title": "CVE-2020-12272", "cwe": ["CWE-290"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12272"], "modified": "2022-11-16T03:20:00", "cpe": ["cpe:/o:fedoraproject:fedora:34", "cpe:/a:trusteddomain:opendmarc:1.3.2", "cpe:/o:fedoraproject:fedora:33", "cpe:/a:trusteddomain:opendmarc:1.4.0"], "id": "CVE-2020-12272", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:trusteddomain:opendmarc:1.4.0:beta0:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:a:trusteddomain:opendmarc:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:trusteddomain:opendmarc:1.4.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:trusteddomain:opendmarc:1.4.0:-:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:45:40", "description": "OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-27T14:15:00", "type": "cve", "title": "CVE-2019-20790", "cwe": ["CWE-290"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20790"], "modified": "2022-11-16T03:18:00", "cpe": ["cpe:/a:trusteddomain:opendmarc:1.3.2", "cpe:/a:trusteddomain:opendmarc:1.4.0", "cpe:/o:fedoraproject:fedora:33", "cpe:/o:fedoraproject:fedora:34", "cpe:/a:pypolicyd-spf_project:pypolicyd-spf:2.0.2"], "id": "CVE-2019-20790", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-20790", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:pypolicyd-spf_project:pypolicyd-spf:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:trusteddomain:opendmarc:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:a:trusteddomain:opendmarc:1.3.2:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-05-27T13:37:28", "description": "OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication\nresults to provide false information about the domain that originated an\ne-mail message. This is caused by incorrect parsing and interpretation of\nSPF/DKIM authentication results, as demonstrated by the\nexample.net(.example.com substring.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2020-04-27T00:00:00", "type": "ubuntucve", "title": "CVE-2020-12272", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-12272"], "modified": "2020-04-27T00:00:00", "id": "UB:CVE-2020-12272", "href": "https://ubuntu.com/security/CVE-2020-12272", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-27T13:37:28", "description": "OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2,\nallows attacks that bypass SPF and DMARC authentication in situations where\nthe HELO field is inconsistent with the MAIL FROM field.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-27T00:00:00", "type": "ubuntucve", "title": "CVE-2019-20790", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20790"], "modified": "2020-04-27T00:00:00", "id": "UB:CVE-2019-20790", "href": "https://ubuntu.com/security/CVE-2019-20790", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}