CVE-2019-18862 — HIGH (7.8)

Q: What is CVE-2019-18862?

CVE-2019-18862 is a vulnerability with a CVSS score of 7.8 (HIGH). maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.

Q: How severe is CVE-2019-18862?

CVE-2019-18862 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-18862?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Mailutils.

Vulnerability Description

maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Gnu	Mailutils	< 3.8

References

http://packetstormsecurity.com/files/155425/GNU-Mailutils-3.7-Privilege-Escalati
https://git.savannah.gnu.org/cgit/mailutils.git/tree/NEWSVendor Advisory
https://security.gentoo.org/glsa/202006-12
http://packetstormsecurity.com/files/155425/GNU-Mailutils-3.7-Privilege-Escalati
https://git.savannah.gnu.org/cgit/mailutils.git/tree/NEWSVendor Advisory
https://security.gentoo.org/glsa/202006-12

FAQ

What is CVE-2019-18862?

CVE-2019-18862 is a vulnerability with a CVSS score of 7.8 (HIGH). maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.

How severe is CVE-2019-18862?

CVE-2019-18862 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-18862?

Check the references section above for vendor advisories and patch information. Affected products include: Gnu Mailutils.