CVE-2018-15667 — HIGH (7.5)

Vulnerability Description

An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL scheme. The "send" command in the URL scheme allows an external application to send arbitrary emails from an active account without authentication. The handler has no restriction on who can use its functionality. The handler can be invoked using any method that invokes the URL handler such as a hyperlink in an email. The user is not prompted when the handler processes the "send" command, thus leading to automatic transmission of an attacker crafted email from the target account.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Airmailapp	Airmail	3.3.5.9

Related Weaknesses (CWE)

CWE-287

References

https://versprite.com/advisories/airmail-3-for-mac/Third Party Advisory
https://versprite.com/advisories/airmail-3-for-mac/Third Party Advisory

FAQ

What is CVE-2018-15667?

CVE-2018-15667 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL scheme. The "send" command in the URL scheme allows an external application to send arbitrary email...

How severe is CVE-2018-15667?

CVE-2018-15667 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-15667?

Check the references section above for vendor advisories and patch information. Affected products include: Airmailapp Airmail.