It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference.
Weakness
The product does not validate, or incorrectly validates, a certificate.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Evolution-ews | Gnome | * | 3.31.3 (excluding) |
| Red Hat Enterprise Linux 7 | RedHat | atk-0:2.28.1-2.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | evolution-0:3.28.5-8.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | evolution-data-server-0:3.28.5-4.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | evolution-ews-0:3.28.5-5.el7 | * |
| Red Hat Enterprise Linux 8 | RedHat | evolution-0:3.28.5-9.el8 | * |
| Red Hat Enterprise Linux 8 | RedHat | evolution-data-server-0:3.28.5-11.el8 | * |
| Red Hat Enterprise Linux 8 | RedHat | evolution-ews-0:3.28.5-5.el8 | * |
| Evolution-ews | Ubuntu | bionic | * |
| Evolution-ews | Ubuntu | cosmic | * |
| Evolution-ews | Ubuntu | disco | * |
| Evolution-ews | Ubuntu | eoan | * |
| Evolution-ews | Ubuntu | focal | * |
| Evolution-ews | Ubuntu | groovy | * |
| Evolution-ews | Ubuntu | hirsute | * |
| Evolution-ews | Ubuntu | impish | * |
| Evolution-ews | Ubuntu | kinetic | * |
| Evolution-ews | Ubuntu | lunar | * |
| Evolution-ews | Ubuntu | mantic | * |
| Evolution-ews | Ubuntu | oracular | * |
| Evolution-ews | Ubuntu | plucky | * |
| Evolution-ews | Ubuntu | trusty | * |
| Evolution-ews | Ubuntu | xenial | * |
Potential Mitigations
Related Attack Patterns
References
- https://access.redhat.com/errata/RHSA-2019:3699
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3890
- https://gitlab.gnome.org/GNOME/evolution-ews/issues/27
- https://access.redhat.com/errata/RHSA-2019:3699
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3890
- https://gitlab.gnome.org/GNOME/evolution-ews/issues/27