GitHub Advisory DatabaseGHSA-H92M-42H4-82F6High severity vulnerability that affects postfix-mta-sts-resolver
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N
EPSS
Percentile
43.1%
Incorrect query parsing
Impact
All users of versions prior to 0.5.1 can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS policy.
Patches
Problem has been patched in version 0.5.1
Workarounds
Users may remediate this vulnerability without upgrading by applying these patches to older suppoorted versions.
For more information
If you have any questions or comments about this advisory:
- Open an issue in postfix-mta-sts-resolver repo
- Email me at vladislav at vm-0 dot com
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| postfix-mta-sts-resolver_project | postfix-mta-sts-resolver | * | cpe:2.3:a:postfix-mta-sts-resolver_project:postfix-mta-sts-resolver:*:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N
EPSS
Percentile
43.1%