Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-11-15T03:45:16
Updated: 2024-08-05T02:02:39.852Z
Reserved: 2019-11-12T00:00:00
Link: CVE-2019-18928
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-11-15T04:15:10.267
Modified: 2024-11-21T04:33:51.193
Link: CVE-2019-18928
Redhat