Vulnerability Description
Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client API. By modifying a URL parameter in Mailvelope, an attacker is able to sign (and encrypt) arbitrary messages with Mailvelope, assuming the private key password is cached. A second vulnerability allows an attacker to decrypt an arbitrary message when the GnuPG backend is used in Mailvelope.
CVSS Score
6.5 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mailvelope | Mailvelope | < 3.3.0 |
Related Weaknesses (CWE)
References
- https://github.com/mailvelope/mailvelope/blob/master/Changelog.md#v330 (Release Notes, Third Party Advisory)
- https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvel (Third Party Advisory)
- https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvel (Exploit, Third Party Advisory)
FAQ
What is CVE-2019-9149?
CVE-2019-9149 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Mailvelope prior to 3.3.0 allows private key operations without user interaction via its client API. By modifying a URL parameter in Mailvelope, an attacker is able to sign (and encrypt) arbitrary messages with Mailvelope, assuming the private key password is cached. A second vulnerability allows an attacker to decrypt an arbitrary message when the GnuPG backend is used in Mailvelope.
How severe is CVE-2019-9149?
CVE-2019-9149 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS score above for the severity rating.
Is there a patch for CVE-2019-9149?
Check the references section above for vendor advisories and patch information. Affected products include: Mailvelope (vendor Mailvelope), versions prior to 3.3.0.