CVE-2017-8114

Risk Scores

Affected Products

Exploit Intelligence

• https://github.com/ilsani/rd/tree/master/security-advisories/web/roundcube/cve-2017-8114 (nist-nvd)
• Roundcube virtualmin privilege escalation (CVE-2017-8114) (hackerone)
• Roundcube virtualmin privilege escalation (CVE-2017-8114) (hackerone)
• Roundcube virtualmin privilege escalation (CVE-2017-8114) (hackerone)
• https://roundcube.net/news/2017/04/28/security-updates-1.2.5-1.1.9-and-1.0.11 (circl)
• GLSA-201707-11 (circl)
• 98445 (circl)
• roundcube.yml (github-poc)
• roundcube.yml (github-poc)
• roundcube.yml (github-poc)

…and 4 more exploits

Timeline

• CVE Published
• Nov 12, 2019 PoC Published
• Apr 14, 2021 EPSS Score
• Aug 24, 2021 EPSS Score
• Dec 27, 2021 EPSS Score
• Feb 28, 2022 EPSS Score
• Jul 3, 2022 EPSS Score
• Nov 6, 2022 EPSS Score
• Mar 7, 2023 EPSS Score
• May 13, 2023 EPSS Score
• Sep 15, 2023 EPSS Score
• Nov 17, 2023 EPSS Score

References

• https://ubuntu.com/security/CVE-2017-8114 third-party-advisory
• https://github.com/roundcube/roundcubemail/releases/tag/1.2.5 third-party-advisory
• https://github.com/roundcube/roundcubemail/commit/6e054a37d13dc3772d0aa454a32d5dc3bdcc7003 third-party-advisory
• https://github.com/roundcube/roundcubemail/releases/tag/1.1.9 third-party-advisory
• https://github.com/roundcube/roundcubemail/commit/10b227d70a03e33682aaaa0138e84f9256f3cd50 third-party-advisory
• https://github.com/roundcube/roundcubemail/releases/tag/1.0.11 third-party-advisory
• https://github.com/roundcube/roundcubemail/commit/271426429bfbb5b63e6dec91b1e4780e8ef1c67e third-party-advisory
• https://www.cve.org/CVERecord?id=CVE-2017-8114 third-party-advisory