Full authentication bypass if SASL authorization username is specified
CVE-2023-27582
9.1 CRITICAL
What is CVE-2023-27582?
Maddy is a composable all-in-one mail server that suffers from a full authentication bypass. In versions 0.2.0 through 0.6.2, when a client supplies a SASL authorization username (the authzid field) with the PLAIN authentication mechanism, the server accepts that username as the effective user without validating it against the presented credentials. Because the authorization identity is trusted as-is, a client that knows or guesses a valid account name can act as that user, bypassing authentication entirely. Maddy version 0.6.3 fixes the issue; users should upgrade to 0.6.3 or later.
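To make the failure mode concrete, the following Go program is an added illustration written for this page; it is not maddy's code and does not reproduce its internals. It parses a SASL PLAIN initial response (RFC 4616: `authzid NUL authcid NUL passwd`) and shows two handlers side by side: one that models the flaw described above (a non-empty authorization identity is accepted before credentials are ever checked) and a hardened one that always verifies the credentials and only permits an authorization identity equal to the authenticated one. The user table, account names and passwords are constructed for the example.

```go
package main

import (
	"bytes"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Constructed credential store for the example (not a real deployment).
var users = map[string]string{
	"alice@example.org": "alice-secret",
	"bob@example.org":   "bob-secret",
}

var (
	ErrInvalidCredentials = errors.New("invalid credentials")
	ErrAuthzNotPermitted  = errors.New("authorization identity not permitted")
)

// PlainMessage holds the three fields of a SASL PLAIN initial response.
// AuthzID (the "authorization username") is optional and may be empty.
type PlainMessage struct {
	AuthzID string
	AuthcID string
	Passwd  string
}

// ParsePlain splits "authzid\x00authcid\x00passwd" and rejects anything
// that does not have exactly three fields.
func ParsePlain(resp []byte) (PlainMessage, error) {
	parts := bytes.Split(resp, []byte{0})
	if len(parts) != 3 {
		return PlainMessage{}, errors.New("PLAIN: expected exactly three NUL-separated fields")
	}
	return PlainMessage{
		AuthzID: string(parts[0]),
		AuthcID: string(parts[1]),
		Passwd:  string(parts[2]),
	}, nil
}

// PlainResponse builds a PLAIN initial response; used to construct test input.
func PlainResponse(authzid, authcid, passwd string) []byte {
	return bytes.Join([][]byte{[]byte(authzid), []byte(authcid), []byte(passwd)}, []byte{0})
}

// checkPassword validates authcid/passwd against the store in constant time.
func checkPassword(authcid, passwd string) bool {
	want, ok := users[authcid]
	if !ok {
		return false
	}
	return subtle.ConstantTimeCompare([]byte(want), []byte(passwd)) == 1
}

// AuthenticateVulnerable models the flaw class in the advisory: a supplied
// authorization identity is returned as the effective user before the
// credential check runs, so the password is never validated.
func AuthenticateVulnerable(resp []byte) (string, error) {
	m, err := ParsePlain(resp)
	if err != nil {
		return "", err
	}
	if m.AuthzID != "" { // BUG: authzid trusted as-is
		return m.AuthzID, nil
	}
	if !checkPassword(m.AuthcID, m.Passwd) {
		return "", ErrInvalidCredentials
	}
	return m.AuthcID, nil
}

// AuthenticateFixed always validates the credentials first, and then only
// allows an authorization identity that equals the authenticated identity
// (no proxy-authorization policy exists in this example, so anything else
// is refused). The returned identity is the authenticated one.
func AuthenticateFixed(resp []byte) (string, error) {
	m, err := ParsePlain(resp)
	if err != nil {
		return "", err
	}
	if !checkPassword(m.AuthcID, m.Passwd) {
		return "", ErrInvalidCredentials
	}
	if m.AuthzID != "" && m.AuthzID != m.AuthcID {
		return "", ErrAuthzNotPermitted
	}
	return m.AuthcID, nil
}

func main() {
	// A response naming alice as authzid but carrying no valid credentials.
	forged := PlainResponse("alice@example.org", "nobody", "wrong")
	u, err := AuthenticateVulnerable(forged)
	fmt.Printf("vulnerable: user=%q err=%v\n", u, err)
	u, err = AuthenticateFixed(forged)
	fmt.Printf("fixed:      user=%q err=%v\n", u, err)
}
```

The defensive point is ordering and policy: credential verification must run unconditionally, and an authorization identity is an additional request that needs its own authorization decision (here the strictest one: it must match the authenticated user), never a substitute for authentication.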
Affected Version(s)
maddy >= 0.2.0, < 0.6.3
