CVE-2025-59032
ManageSieve AUTHENTICATE Crash via SASL Literal Causes DoS
Publication date: 2026-03-27
Last updated on: 2026-04-30
Assigner: Open-Xchange
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dovecot | dovecot | all versions before 2.4.3 (2.4.3 itself excluded) |
| open-xchange | dovecot | all versions before 3.1.3 (3.1.3 itself excluded) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability causes the ManageSieve AUTHENTICATE command to crash the service, leading to denial of service (availability impact). However, there is no indication that it affects confidentiality or integrity of data.
Since the vulnerability impacts availability but not confidentiality or integrity, its direct effect on compliance with standards such as GDPR or HIPAA, which emphasize protecting the confidentiality and integrity of personal data, is limited.
Nevertheless, availability is a component of these regulations, so repeated service crashes could potentially affect compliance if critical services are disrupted and not properly managed or mitigated.
Mitigation recommendations include controlling access to the ManageSieve port, disabling the service if not needed, or upgrading to a fixed version, which can help maintain compliance by ensuring service availability.
Can you explain this vulnerability to me?
This vulnerability occurs in the ManageSieve service when the AUTHENTICATE command is used with a literal as the SASL initial response. This causes the ManageSieve service to crash repeatedly.
As a result, the service becomes unavailable to other users.
How can this vulnerability impact me?
The primary impact of this vulnerability is a denial of service condition where the ManageSieve service crashes repeatedly and becomes unavailable to users.
This can disrupt normal operations that rely on the ManageSieve service.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should control access to the ManageSieve port or disable the service if it is not needed.
Alternatively, upgrading to a fixed version of the software is recommended.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
There are no publicly available exploits or specific detection commands provided for this vulnerability.
To detect attempts to exploit this vulnerability, monitoring the ManageSieve service for crashes or repeated connection failures on its port may help identify potential attacks.
Additionally, controlling access to the ManageSieve port or disabling the service if not needed are recommended mitigation steps.
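An added check, not taken from the advisory or from Dovecot's own tooling, that turns the affected ranges in the table above into a script a defender can run to answer the "am I affected" question before deciding between upgrading and restricting the port; it assumes numeric dotted versions and that `dovecot --version` prints the version as its first word.

```shell
#!/bin/sh
# Added example, not part of the advisory or of Dovecot itself: classify an
# installed Dovecot version against the affected ranges on this page
# (community Dovecot fixed in 2.4.3, Open-Xchange Dovecot Pro fixed in 3.1.3).
# Assumes numeric dotted versions; a trailing suffix such as "rc1" is ignored.

# vercmp A B prints -1, 0 or 1 for A<B, A=B, A>B (pure POSIX sh, no sort -V).
vercmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai=$(printf '%s' "${a%%.*}" | sed 's/[^0-9].*//'); ai="${ai:-0}"
    bi=$(printf '%s' "${b%%.*}" | sed 's/[^0-9].*//'); bi="${bi:-0}"
    if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return 0; fi
    if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1; return 0; fi
    case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
    case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
  done
  printf '%s\n' 0
}

# Exit status 0 (true) when VERSION is affected by CVE-2025-59032 for PRODUCT,
# PRODUCT being "dovecot" (community) or "open-xchange" (Dovecot Pro).
cve_2025_59032_affected() {
  case "$1" in
    dovecot)      fixed="2.4.3" ;;
    open-xchange) fixed="3.1.3" ;;
    *) echo "unknown product: $1" >&2; return 2 ;;
  esac
  [ "$(vercmp "$2" "$fixed")" -lt 0 ]
}

# Human-readable verdict for one (product, version) pair.
cve_2025_59032_report() {
  if cve_2025_59032_affected "$1" "$2"; then
    printf '%s %s: affected by CVE-2025-59032, upgrade to the fixed release\n' "$1" "$2"
  else
    printf '%s %s: not in the affected range\n' "$1" "$2"
  fi
}

# Check the locally installed community build when present; `dovecot --version`
# prints the version as its first word (skipped when dovecot is not installed).
if command -v dovecot >/dev/null 2>&1; then
  cve_2025_59032_report dovecot "$(dovecot --version 2>/dev/null | awk '{print $1}')"
fi
```

For a Dovecot Pro host, call `cve_2025_59032_report open-xchange <version>` with the version reported by the Pro packaging, since the 3.x range differs from the community one.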