If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird < 68.9.0.
Weakness
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Thunderbird | Mozilla | * | 68.9.0 (excluding) |
| Red Hat Enterprise Linux 6 | RedHat | thunderbird-0:68.9.0-1.el6_10 | * |
| Red Hat Enterprise Linux 7 | RedHat | thunderbird-0:68.9.0-1.el7_8 | * |
| Red Hat Enterprise Linux 8 | RedHat | thunderbird-0:68.9.0-1.el8_2 | * |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | RedHat | thunderbird-0:68.9.0-1.el8_0 | * |
| Red Hat Enterprise Linux 8.1 Extended Update Support | RedHat | thunderbird-0:68.9.0-1.el8_1 | * |
| Thunderbird | Ubuntu | bionic | * |
| Thunderbird | Ubuntu | devel | * |
| Thunderbird | Ubuntu | eoan | * |
| Thunderbird | Ubuntu | focal | * |
| Thunderbird | Ubuntu | trusty | * |
| Thunderbird | Ubuntu | upstream | * |
| Thunderbird | Ubuntu | xenial | * |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/102.html
- https://cwe.mitre.org/data/definitions/117.html
- https://cwe.mitre.org/data/definitions/383.html
- https://cwe.mitre.org/data/definitions/477.html
- https://cwe.mitre.org/data/definitions/65.html