{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-27938", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-02-28T15:14:14.217Z", "datePublished": "2024-03-11T21:18:14.988Z", "dateUpdated": "2024-08-27T19:48:22.783Z"}, "containers": {"cna": {"title": "SMTP Smuggling in Postal", "problemTypes": [{"descriptions": [{"cweId": "CWE-116", "lang": "en", "description": "CWE-116: Improper Encoding or Escaping of Output", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2"}, {"name": "https://github.com/postalserver/postal/commit/0140dc4", "tags": ["x_refsource_MISC"], "url": "https://github.com/postalserver/postal/commit/0140dc4"}, {"name": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide", "tags": ["x_refsource_MISC"], "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide"}, {"name": "https://www.postfix.org/smtp-smuggling.html", "tags": ["x_refsource_MISC"], "url": "https://www.postfix.org/smtp-smuggling.html"}], "affected": [{"vendor": "postalserver", "product": "postal", "versions": [{"version": "< 3.0.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-11T21:18:14.988Z"}, "descriptions": [{"lang": "en", "value": "Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from a server that a user has 'authorised' to send mail on their behalf but were not the genuine author of the e-mail. Postal is not affected for sending outgoing e-mails as email is re-encoded with `<CR><LF>` line endings when transmitted over SMTP. This issue has been addressed and users should upgrade to Postal v3.0.0 or higher. Once upgraded, Postal will only accept End of DATA sequences which are explicitly `<CR><LF>.<CR><LF>`. If a non-compliant sequence is detected it will be logged to the SMTP server log. There are no workarounds for this issue."}], "source": {"advisory": "GHSA-j42r-6c99-hqf2", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:41:55.742Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2"}, {"name": "https://github.com/postalserver/postal/commit/0140dc4", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/postalserver/postal/commit/0140dc4"}, {"name": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide"}, {"name": "https://www.postfix.org/smtp-smuggling.html", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.postfix.org/smtp-smuggling.html"}]}, {"affected": [{"vendor": "postalserver", "product": "postal", "cpes": ["cpe:2.3:a:postalserver:postal:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "3.0.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-27T19:45:59.549699Z", "id": "CVE-2024-27938", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T19:48:22.783Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2", "name": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/postalserver/postal/commit/0140dc4", "name": "https://github.com/postalserver/postal/commit/0140dc4", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide", "name": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://www.postfix.org/smtp-smuggling.html", "name": "https://www.postfix.org/smtp-smuggling.html", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:41:55.742Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-27938", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-27T19:45:59.549699Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:postalserver:postal:*:*:*:*:*:*:*:*"], "vendor": "postalserver", "product": "postal", "versions": [{"status": "affected", "version": "0", "lessThan": "3.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-27T19:48:17.945Z"}}], "cna": {"title": "SMTP Smuggling in Postal", "source": {"advisory": "GHSA-j42r-6c99-hqf2", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "postalserver", "product": "postal", "versions": [{"status": "affected", "version": "< 3.0.0"}]}], "references": [{"url": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2", "name": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/postalserver/postal/commit/0140dc4", "name": "https://github.com/postalserver/postal/commit/0140dc4", "tags": ["x_refsource_MISC"]}, {"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide", "name": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide", "tags": ["x_refsource_MISC"]}, {"url": "https://www.postfix.org/smtp-smuggling.html", "name": "https://www.postfix.org/smtp-smuggling.html", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from a server that a user has 'authorised' to send mail on their behalf but were not the genuine author of the e-mail. Postal is not affected for sending outgoing e-mails as email is re-encoded with `<CR><LF>` line endings when transmitted over SMTP. This issue has been addressed and users should upgrade to Postal v3.0.0 or higher. Once upgraded, Postal will only accept End of DATA sequences which are explicitly `<CR><LF>.<CR><LF>`. If a non-compliant sequence is detected it will be logged to the SMTP server log. There are no workarounds for this issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-116", "description": "CWE-116: Improper Encoding or Escaping of Output"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-03-11T21:18:14.988Z"}}}, "cveMetadata": {"cveId": "CVE-2024-27938", "state": "PUBLISHED", "dateUpdated": "2024-08-27T19:48:22.783Z", "dateReserved": "2024-02-28T15:14:14.217Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-03-11T21:18:14.988Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:postalserver:postal:*:*:*:*:*:*:*:*", "matchCriteriaId": "C06A3275-3BD9-4478-9D50-BB5739736A2F", "versionEndExcluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Postal is an open source SMTP server. Postal versions less than 3.0.0 are vulnerable to SMTP Smuggling attacks which may allow incoming e-mails to be spoofed. This, in conjunction with a cooperative outgoing SMTP service, would allow for an incoming e-mail to be received by Postal addressed from a server that a user has 'authorised' to send mail on their behalf but were not the genuine author of the e-mail. Postal is not affected for sending outgoing e-mails as email is re-encoded with `<CR><LF>` line endings when transmitted over SMTP. This issue has been addressed and users should upgrade to Postal v3.0.0 or higher. Once upgraded, Postal will only accept End of DATA sequences which are explicitly `<CR><LF>.<CR><LF>`. If a non-compliant sequence is detected it will be logged to the SMTP server log. There are no workarounds for this issue."}, {"lang": "es", "value": "Postal es un servidor SMTP de c\u00f3digo abierto. Las versiones postales inferiores a 3.0.0 son vulnerables a ataques de contrabando SMTP que pueden permitir que los correos electr\u00f3nicos entrantes sean falsificados. Esto, junto con un servicio SMTP saliente cooperativo, permitir\u00eda recibir un correo electr\u00f3nico entrante por correo postal con direcci\u00f3n desde un servidor que un usuario ha \"autorizado\" a enviar correo en su nombre pero que no es el verdadero autor del correo electr\u00f3nico. -correo. Postal no se ve afectado para el env\u00edo de correos electr\u00f3nicos salientes, ya que el correo electr\u00f3nico se vuelve a codificar con finales de l\u00ednea `` cuando se transmite a trav\u00e9s de SMTP. Este problema se solucion\u00f3 y los usuarios deben actualizar a Postal v3.0.0 o superior. Una vez actualizado, Postal solo aceptar\u00e1 secuencias de fin de DATOS que sean expl\u00edcitamente `.`. Si se detecta una secuencia no compatible, se registrar\u00e1 en el registro del servidor SMTP. No existen soluciones alternativas para este problema."}], "id": "CVE-2024-27938", "lastModified": "2025-04-10T18:15:14.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-11T22:15:55.490", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/postalserver/postal/commit/0140dc4"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2"}, {"source": "security-advisories@github.com", "tags": ["Technical Description"], "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide"}, {"source": "security-advisories@github.com", "tags": ["Exploit"], "url": "https://www.postfix.org/smtp-smuggling.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/postalserver/postal/commit/0140dc4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/postalserver/postal/security/advisories/GHSA-j42r-6c99-hqf2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Technical Description"], "url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://www.postfix.org/smtp-smuggling.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-116"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}