{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-15685", "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "dateUpdated": "2024-08-04T13:22:30.812Z", "dateReserved": "2020-07-10T00:00:00", "datePublished": "2022-12-22T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla", "dateUpdated": "2022-12-22T00:00:00"}, "descriptions": [{"lang": "en", "value": "During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7."}], "affected": [{"vendor": "Mozilla", "product": "Thunderbird", "versions": [{"version": "unspecified", "lessThan": "78.7", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://www.mozilla.org/security/advisories/mfsa2021-05/"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1622640"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "IMAP Response Injection when using STARTTLS"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T13:22:30.812Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.mozilla.org/security/advisories/mfsa2021-05/", "tags": ["x_transferred"]}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1622640", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*", "matchCriteriaId": "69DAB4DE-35AD-441B-B998-25C0BE041AD6", "versionEndExcluding": "78.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7."}, {"lang": "es", "value": "Durante la fase de texto plano de la configuraci\u00f3n de la conexi\u00f3n STARTTLS, se podr\u00edan haber inyectado y evaluado comandos de protocolo dentro de la sesi\u00f3n cifrada. Esta vulnerabilidad afecta a Thunderbird &lt; 78.7."}], "id": "CVE-2020-15685", "lastModified": "2023-01-04T14:14:21.697", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-22T20:15:11.467", "references": [{"source": "security@mozilla.org", "tags": ["Exploit", "Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1622640"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "https://www.mozilla.org/security/advisories/mfsa2021-05/"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Damian Poddebniak as the original reporter.", "affected_release": [{"advisory": "RHSA-2021:0297", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:78.7.0-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2021-01-28T00:00:00Z"}, {"advisory": "RHSA-2021:0298", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:78.7.0-1.el8_3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-01-28T00:00:00Z"}, {"advisory": "RHSA-2021:0397", "cpe": "cpe:/a:redhat:rhel_eus:8.1", "package": "thunderbird-0:78.7.0-1.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Extended Update Support", "release_date": "2021-02-03T00:00:00Z"}, {"advisory": "RHSA-2021:0299", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "thunderbird-0:78.7.0-1.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2021-01-28T00:00:00Z"}], "bugzilla": {"description": "Mozilla: IMAP Response Injection when using STARTTLS", "id": "1921543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921543"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-924", "details": ["During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. This vulnerability affects Thunderbird < 78.7.", "A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes that during the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session."], "name": "CVE-2020-15685", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2021-01-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-15685\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-15685\nhttps://www.mozilla.org/en-US/security/advisories/mfsa2021-05/#CVE-2020-15685"], "statement": "Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory.", "threat_severity": "Moderate", "upstream_fix": "thunderbird 78.7"}