What is the severity of CVE-2014-3430?

CVE-2014-3430 is rated as a high severity vulnerability due to its potential to cause a denial of service through resource consumption.

How do I fix CVE-2014-3430?

To fix CVE-2014-3430, upgrade Dovecot to version 2.2.13 or later or apply the relevant patches provided by your distribution.

What impact does CVE-2014-3430 have on my system?

The impact of CVE-2014-3430 allows remote attackers to consume system resources by triggering denial of service via incomplete SSL/TLS handshakes.

Which versions are affected by CVE-2014-3430?

CVE-2014-3430 affects Dovecot versions 1.1 through 2.2.12.12, including numerous prior versions.

Is there a workaround for CVE-2014-3430 until I can upgrade?

Currently, there are no known effective workarounds for CVE-2014-3430; upgrading is the recommended solution.

Vulnerability/
CVE-2014-3430

medium

CWE

287

14/5/2014

6/8/2024

CVE-2014-3430

First published: Wed May 14 2014(Updated: )

Dovecot 1.1 before 2.2.13 and dovecot-ee before 2.1.7.7 and 2.2.x before 2.2.12.12 does not properly close old connections, which allows remote attackers to cause a denial of service (resource consumption) via an incomplete SSL/TLS handshake for an IMAP/POP3 connection.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Dovecot Dovecot	=1.1
Dovecot Dovecot	=1.1-rc2
Dovecot Dovecot	=1.1.0
Dovecot Dovecot	=1.1.1
Dovecot Dovecot	=1.1.2
Dovecot Dovecot	=1.1.3
Dovecot Dovecot	=1.1.4
Dovecot Dovecot	=1.1.5
Dovecot Dovecot	=1.1.6
Dovecot Dovecot	=1.2.0
Dovecot Dovecot	=1.2.1
Dovecot Dovecot	=1.2.2
Dovecot Dovecot	=1.2.3
Dovecot Dovecot	=1.2.4
Dovecot Dovecot	=1.2.5
Dovecot Dovecot	=1.2.6
Dovecot Dovecot	=1.2.7
Dovecot Dovecot	=1.2.8
Dovecot Dovecot	=1.2.9
Dovecot Dovecot	=1.2.10
Dovecot Dovecot	=1.2.11
Dovecot Dovecot	=1.2.12
Dovecot Dovecot	=1.2.13
Dovecot Dovecot	=1.2.14
Dovecot Dovecot	=1.2.15
Dovecot Dovecot	=2.0-beta1
Dovecot Dovecot	=2.0.0
Dovecot Dovecot	=2.0.1
Dovecot Dovecot	=2.0.2
Dovecot Dovecot	=2.0.3
Dovecot Dovecot	=2.0.4
Dovecot Dovecot	=2.0.5
Dovecot Dovecot	=2.0.6
Dovecot Dovecot	=2.0.7
Dovecot Dovecot	=2.0.8
Dovecot Dovecot	=2.0.9
Dovecot Dovecot	=2.0.10
Dovecot Dovecot	=2.0.11
Dovecot Dovecot	=2.0.12
Dovecot Dovecot	=2.0.13
Dovecot Dovecot	=2.0.14
Dovecot Dovecot	=2.0.15
Dovecot Dovecot	=2.1-rc1
Dovecot Dovecot	=2.1-rc2
Dovecot Dovecot	=2.1-rc3
Dovecot Dovecot	=2.1-rc5
Dovecot Dovecot	=2.1-rc6
Dovecot Dovecot	=2.1-rc7
Dovecot Dovecot	=2.1.0
Dovecot Dovecot	=2.1.1
Dovecot Dovecot	=2.1.2
Dovecot Dovecot	=2.1.3
Dovecot Dovecot	=2.1.4
Dovecot Dovecot	=2.1.5
Dovecot Dovecot	=2.1.6
Dovecot Dovecot	=2.1.7
Dovecot Dovecot	=2.1.8
Dovecot Dovecot	=2.1.10
Dovecot Dovecot	=2.1.11
Dovecot Dovecot	=2.1.12
Dovecot Dovecot	=2.1.13
Dovecot Dovecot	=2.1.14
Dovecot Dovecot	=2.1.15
Dovecot Dovecot	=2.2-rc1
Dovecot Dovecot	=2.2-rc2
Dovecot Dovecot	=2.2-rc3
Dovecot Dovecot	=2.2-rc4
Dovecot Dovecot	=2.2-rc5
Dovecot Dovecot	=2.2-rc6
Dovecot Dovecot	=2.2-rc7
Dovecot Dovecot	=2.2.0
Dovecot Dovecot	=2.2.1
Dovecot Dovecot	=2.2.2
Dovecot Dovecot	=2.2.3
Dovecot Dovecot	=2.2.4
Dovecot Dovecot	=2.2.5
Dovecot Dovecot	=2.2.6
Dovecot Dovecot	=2.2.7
Dovecot Dovecot	=2.2.8
Dovecot Dovecot	=2.2.9
Dovecot Dovecot	=2.2.10
Dovecot Dovecot	=2.2.13-rc1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3430?
CVE-2014-3430 is rated as a high severity vulnerability due to its potential to cause a denial of service through resource consumption.
How do I fix CVE-2014-3430?
To fix CVE-2014-3430, upgrade Dovecot to version 2.2.13 or later or apply the relevant patches provided by your distribution.
What impact does CVE-2014-3430 have on my system?
The impact of CVE-2014-3430 allows remote attackers to consume system resources by triggering denial of service via incomplete SSL/TLS handshakes.
Which versions are affected by CVE-2014-3430?
CVE-2014-3430 affects Dovecot versions 1.1 through 2.2.12.12, including numerous prior versions.
Is there a workaround for CVE-2014-3430 until I can upgrade?
Currently, there are no known effective workarounds for CVE-2014-3430; upgrading is the recommended solution.

collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/remedy
agent/last-modified-date
agent/author
agent/first-publish-date
agent/tags
agent/description
agent/event
agent/source
vendor/dovecot
canonical/dovecot dovecot
version/dovecot dovecot/1.1
version/dovecot dovecot/1.1-rc2
version/dovecot dovecot/1.1.0
version/dovecot dovecot/1.1.1
version/dovecot dovecot/1.1.2
version/dovecot dovecot/1.1.3
version/dovecot dovecot/1.1.4
version/dovecot dovecot/1.1.5
version/dovecot dovecot/1.1.6
version/dovecot dovecot/1.2.0
version/dovecot dovecot/1.2.1
version/dovecot dovecot/1.2.2
version/dovecot dovecot/1.2.3
version/dovecot dovecot/1.2.4
version/dovecot dovecot/1.2.5
version/dovecot dovecot/1.2.6
version/dovecot dovecot/1.2.7
version/dovecot dovecot/1.2.8
version/dovecot dovecot/1.2.9
version/dovecot dovecot/1.2.10
version/dovecot dovecot/1.2.11
version/dovecot dovecot/1.2.12
version/dovecot dovecot/1.2.13
version/dovecot dovecot/1.2.14
version/dovecot dovecot/1.2.15
version/dovecot dovecot/2.0-beta1
version/dovecot dovecot/2.0.0
version/dovecot dovecot/2.0.1
version/dovecot dovecot/2.0.2
version/dovecot dovecot/2.0.3
version/dovecot dovecot/2.0.4
version/dovecot dovecot/2.0.5
version/dovecot dovecot/2.0.6
version/dovecot dovecot/2.0.7
version/dovecot dovecot/2.0.8
version/dovecot dovecot/2.0.9
version/dovecot dovecot/2.0.10
version/dovecot dovecot/2.0.11
version/dovecot dovecot/2.0.12
version/dovecot dovecot/2.0.13
version/dovecot dovecot/2.0.14
version/dovecot dovecot/2.0.15
version/dovecot dovecot/2.1-rc1
version/dovecot dovecot/2.1-rc2
version/dovecot dovecot/2.1-rc3
version/dovecot dovecot/2.1-rc5
version/dovecot dovecot/2.1-rc6
version/dovecot dovecot/2.1-rc7
version/dovecot dovecot/2.1.0
version/dovecot dovecot/2.1.1
version/dovecot dovecot/2.1.2
version/dovecot dovecot/2.1.3
version/dovecot dovecot/2.1.4
version/dovecot dovecot/2.1.5
version/dovecot dovecot/2.1.6
version/dovecot dovecot/2.1.7
version/dovecot dovecot/2.1.8
version/dovecot dovecot/2.1.10
version/dovecot dovecot/2.1.11
version/dovecot dovecot/2.1.12
version/dovecot dovecot/2.1.13
version/dovecot dovecot/2.1.14
version/dovecot dovecot/2.1.15
version/dovecot dovecot/2.2-rc1
version/dovecot dovecot/2.2-rc2
version/dovecot dovecot/2.2-rc3
version/dovecot dovecot/2.2-rc4
version/dovecot dovecot/2.2-rc5
version/dovecot dovecot/2.2-rc6
version/dovecot dovecot/2.2-rc7
version/dovecot dovecot/2.2.0
version/dovecot dovecot/2.2.1
version/dovecot dovecot/2.2.2
version/dovecot dovecot/2.2.3
version/dovecot dovecot/2.2.4
version/dovecot dovecot/2.2.5
version/dovecot dovecot/2.2.6
version/dovecot dovecot/2.2.7
version/dovecot dovecot/2.2.8
version/dovecot dovecot/2.2.9
version/dovecot dovecot/2.2.10
version/dovecot dovecot/2.2.13-rc1

CVE-2014-3430

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-3430?

How do I fix CVE-2014-3430?

What impact does CVE-2014-3430 have on my system?

Which versions are affected by CVE-2014-3430?

Is there a workaround for CVE-2014-3430 until I can upgrade?

Company

Resources

Contact