Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-15T03:45:16

Updated: 2024-08-05T02:02:39.852Z

Reserved: 2019-11-12T00:00:00

Link: CVE-2019-18928

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-11-15T04:15:10.267

Modified: 2024-11-21T04:33:51.193

Link: CVE-2019-18928

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-11-14T00:00:00Z

Links: CVE-2019-18928 - Bugzilla