CVE-2025-53859

{"id": "CVE-2025-53859", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "f5sirt@f5.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}], "cvssMetricV40": [{"type": "Secondary", "source": "f5sirt@f5.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-13T15:15:37.657", "references": [{"url": "https://my.f5.com/manage/s/article/K000152786", "tags": ["Vendor Advisory"], "source": "f5sirt@f5.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "f5sirt@f5.com", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method \"none,\" and (3) the authentication server returns the \"Auth-Wait\" response header.\n\n\n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}, {"lang": "es", "value": "NGINX Open Source y NGINX Plus presentan una vulnerabilidad en el m\u00f3dulo ngx_mail_smtp_module que podr\u00eda permitir que un atacante no autenticado sobrelea la memoria del proceso de autenticaci\u00f3n SMTP de NGINX. Como resultado, el servidor podr\u00eda filtrar bytes arbitrarios enviados en una solicitud al servidor de autenticaci\u00f3n. Este problema ocurre durante el proceso de autenticaci\u00f3n SMTP de NGINX y requiere que el atacante realice preparativos en el sistema objetivo para extraer los datos filtrados. El problema afecta a NGINX solo si (1) se compila con el m\u00f3dulo ngx_mail_smtp_module, (2) la directiva smtp_auth est\u00e1 configurada con el m\u00e9todo \"none\" y (3) el servidor de autenticaci\u00f3n devuelve el encabezado de respuesta \"Auth-Wait\". Nota: Las versiones de software que han alcanzado el fin del soporte t\u00e9cnico (EoTS) no se eval\u00faan."}], "lastModified": "2025-10-21T18:02:48.767", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96BF2B19-52C7-4051-BA58-CAE6F912B72F"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8248517E-D805-4928-8252-2168472341EF"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r32:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36C4308E-651E-437C-84E7-10C542E3ADC2"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r32:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA913184-EAAD-409E-99C6-AB979DAA93F3"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r32:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "782DF180-1101-4D6A-A1D7-8DADBAF6D9D3"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r33:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "514B0A2A-E2FD-4DB7-B5B8-5C59F1D60AD8"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r33:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46DC49B8-7286-4867-9CDA-1C1B469CD304"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r33:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43477C2E-7485-4146-B25C-F58D632CD85B"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r34:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25292797-19EC-446B-BB26-FAC7A280F61D"}, {"criteria": "cpe:2.3:a:f5:nginx_plus:r34:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7453D683-FCA7-46EE-BE49-5FD9A01D7F87"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69F418AB-2C97-42AF-9D5F-5F27B7451046", "versionEndExcluding": "1.29.1", "versionStartIncluding": "0.7.22"}], "operator": "OR"}]}], "sourceIdentifier": "f5sirt@f5.com"}