CVE-2026-24031
7.7
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Summary
Dovecot SQL based authentication can be bypassed when auth_username_chars is cleared by admin. This vulnerability allows bypassing authentication for any user and user enumeration. Do not clear auth_username_chars. If this is not possible, install latest fixed version. No publicly available exploits are known.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Open-Xchange GmbH | OX Dovecot Pro | 0 <= 3.1.0 | affected |
| Open-Xchange GmbH | OX Dovecot Pro | 0 <= 2.4.0 | affected |
Weaknesses
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
dovecot: Dovecot: Authentication bypass and user enumeration due to cleared auth_username_chars configuration
Additional References
- https://access.redhat.com/security/cve/CVE-2026-24031
- https://bugzilla.redhat.com/show_bug.cgi?id=2452181
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24031.json
References
- https://documentation.open-xchange.com/dovecot/security/advisories/csaf/2026/oxdc-adv-2026-0001.json
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.