CVE-2008-4577
HIGH7.5EPSS 1.1%Published: 10/15/2008Modified: 4/28/2026
Also known as:DEBIAN-CVE-2008-4577
Description
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.
Affected packages (1)
- Debian/dovecotfrom 0, < 1:1.0.15-2.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |