Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Required
Privileges Required
None
Attack Vector
Network
0

CVE-2020-12137

Disclosure Date: April 24, 2020
CVE-2020-12137 CVSS v3 Base Score: 6.1
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing, conclude that the MIME type should have been text/html, and execute JavaScript code.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
6.1 Medium
Impact Score:
2.7
Exploitability Score:
2.8
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
Required
Scope (S):
Changed
Confidentiality (C):
Low
Integrity (I):
Low
Availability (A):
None

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • canonical,
  • debian,
  • fedoraproject,
  • gnu,
  • opensuse

Products

  • backports sle 15.0,
  • debian linux 10.0,
  • debian linux 8.0,
  • debian linux 9.0,
  • fedora 31,
  • fedora 32,
  • leap 15.2,
  • mailman,
  • ubuntu linux 16.04,
  • ubuntu linux 18.04

References

Canonical
CVE-2020-12137 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12137)
Advisory
[oss-security] 20200424 Re: mailman 2.x: XSS via file attachments in list archives (http://www.openwall.com/lists/oss-security/2020/04/24/3)
DSA-4664 (https://www.debian.org/security/2020/dsa-4664)
[debian-lts-announce] 20200503 [SECURITY] [DLA 2200-1] mailman security update (https://lists.debian.org/debian-lts-announce/2020/05/msg00002.html)
USN-4348-1 (https://usn.ubuntu.com/4348-1)
FEDORA-2020-69f2f1d987 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4COSBBEMJYLV7WSW5QTUJUOFJFK47KK)
FEDORA-2020-20b748e81e (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6YCMGTTOXXCVM4O6CYZLTZDX6YLYORNF)
USN-4348-1 (https://usn.ubuntu.com/4348-1/)
FEDORA-2020-69f2f1d987 (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4COSBBEMJYLV7WSW5QTUJUOFJFK47KK/)
FEDORA-2020-20b748e81e (https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6YCMGTTOXXCVM4O6CYZLTZDX6YLYORNF/)
openSUSE-SU-2020:1707 (http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00047.html)
openSUSE-SU-2020:1752 (http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00063.html)
Miscellaneous
https://www.openwall.com/lists/oss-security/2020/02/24/2
https://www.openwall.com/lists/oss-security/2020/02/24/3
http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/view/head:/NEWS

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis