CVE-2022-31245

Published: May 20, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/mailcow/mailcow-dockerized/releases/tag/2022-05d

x_refsource_MISC

https://github.com/ly1g3/Mailcow-CVE-2022-31245

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-31245

Description

Affected Products

References