CVE-2021-32056
CVE-2021-32056
Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to bypass intended access restrictions on server annotations and consequently cause replication to stall.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://cyrus.topicbox.com/groups/announce/T056901c106ecfce3/cyrus-imap-3-4-1-releasedhttps://cyrus.topicbox.com/groups/announce/T126392718bc29d6b/cyrus-imap-3-2-7-releasedhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6HEO3RURJW6NLIXS7NK5PVU6MGHC4SCM/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WJZB45QBUN7CZFGOWCZYUYACNBTX7LVS/https://www.cyrusimap.org/imap/download/release-notes/3.2/x/3.2.7.htmlhttps://www.cyrusimap.org/imap/download/release-notes/3.4/x/3.4.1.html