RoundCube Webmail CVE-2017-8114 Multiple Privilege Escalation Vulnerabilities
by CIRT Team
Description: RoundCube Webmail is prone to multiple privilege escalation vulnerabilities. RoundCube Webmail versions prior to 1.0.11, 1.1.x prior to 1.1.9, and 1.2.x prior to 1.2.5 are vulnerable.
Impact: An attackers may exploit these issues to gain elevated privileges.
Mitigation: Updates are available. Please check specific vendor advisory for more information.
Reference URL’s:
- http://www.securityfocus.com/bid/98445/info
- https://roundcube.net/news/2017/04/28/security-updates-1.2.5-1.1.9-and-1.0.11