Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
A description of 2017-7229: Vaultive O365 Content-Type Mangling

CVE-2017-7299

Vaultive O365 Content-Type Mangling

PGP/MIME encrypted messages injected into a Vaultive O365 frontend via IMAP or SMTP have their Content-Type changed from:

Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="abc123abc123"

to:

Content-Type: text/plain

This results in the encrypted message being structured in such a way that most PGP/MIME-capable mail user agents are unable to decrypt it cleanly.

The outcome is that encrypted mail passing through this device does not work (Denial of Service), and a common real-world consequence is a request to send re-send the mail in the clear (Information Disclosure).

Additional Information

Vaultive has acknowledged the issue and fixed this in version 4.5.21

Vulnerability Type

CWE-222: Truncation of Security-relevant Information

Vendor of Product

Vaultive

Affected Product Code Base

Vaultive Office 365 Security - version 4.5.19

Affected Component

IMAP and SMTP interfaces to Vaultive O365 Security (other interfaces untested)

Impact

  • Denial of Service
  • Information Disclosure

Attack Vectors

The vulnerability is triggered by anyone sending PGP/MIME encrypted mail through a Vaultive appliance

Discoverer

Daniel Kahn Gillmor, ACLU

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.