GitHub Advisory DatabaseGHSA-4G76-W3XW-2X6WFull authentication bypass if SASL authorization username is specified
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
56.4%
Impact
maddy 0.2.0 - 0.6.2 allows a full authentication bypass if SASL authorization username is specified when using the PLAIN authentication mechanisms. Instead of validating the specified authorization username, it is accepted as is after checking the credentials for the authentication username.
Patches
maddy 0.6.3 includes the fix for the bug.
Workarounds
There is no way to fix the issue without upgrading.
References
- Commit that introduced the vulnerable code: https://github.com/foxcpp/maddy/commit/55a91a37b71210f34f98f4d327c30308fe24399a
- Fix: https://github.com/foxcpp/maddy/commit/9f58cb64b39cdc01928ec463bdb198c4c2313a9c
Affected configurations
References
github.com/advisories/GHSA-4g76-w3xw-2x6w
github.com/foxcpp/maddy/commit/55a91a37b71210f34f98f4d327c30308fe24399a
github.com/foxcpp/maddy/commit/9f58cb64b39cdc01928ec463bdb198c4c2313a9c
github.com/foxcpp/maddy/releases/tag/v0.6.3
github.com/foxcpp/maddy/security/advisories/GHSA-4g76-w3xw-2x6w
nvd.nist.gov/vuln/detail/CVE-2023-27582
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
56.4%