CCE-94400-9| Platform: cpe:/o:oracle:linux:8, cpe:/o:redhat:enterprise_linux:8, cpe:/o:redhat:enterprise_linux:9 | Date: (C)2019-11-07 (M)2023-07-04 |
To allow clients to make encrypted connections the 'ssl'
flag in Dovecot's configuration file needs to be set to 'yes'.
Edit '/etc/dovecot/conf.d/10-ssl.conf' and add or correct the following line:
'ssl = yes'
Parameter:
[yes/no]
Technical Mechanism:
SSL encrypt network traffic between the Dovecot server and its clients
protecting user credentials, mail as it is downloaded, and clients may use
SSL certificates to authenticate the server, preventing another system from
impersonating the server.
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 6.5 | Attack Vector: ADJACENT_NETWORK |
| Exploit Score: 2.8 | Attack Complexity: LOW |
| Impact Score: 3.6 | Privileges Required: NONE |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: NONE |
| | Availability: NONE |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:84083 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:55795 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:72208 |
