CVE-2021-22924

Published: 05/08/2021 Updated: 27/03/2024
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 3.7 | Impact Score: 1.4 | Exploitability Score: 2.2
VMScore: 384
CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on the file system used. The comparison also didn't include the 'issuer cert' which a transfer can set to qualify how to verify the server certificate.
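
To make the two defects in the summary concrete, here is an added C example (not libcurl's own code; the struct, field names and function names are hypothetical stand-ins for the per-transfer TLS settings a connection-cache matcher has to compare). The flawed matcher compares paths with a case-insensitive comparison and ignores the issuer certificate, so two transfers with different CA, client-cert or issuer-cert settings are treated as interchangeable; the corrected matcher compares every path byte-for-byte and includes `issuercert`. `count_wrong_reuse` runs both matchers over three constructed config pairs that must not share a connection.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>   /* strcasecmp (POSIX) */

/* Hypothetical, simplified stand-in for the per-transfer TLS settings that a
 * connection-cache matcher must compare; not libcurl's real structure. */
struct tls_config {
    const char *cafile;      /* CA bundle path */
    const char *capath;      /* CA directory path */
    const char *clientcert;  /* client certificate path */
    const char *issuercert;  /* issuer certificate used to qualify server verification */
};

/* True when both are NULL, or both are set and byte-for-byte equal. */
static bool safe_equal(const char *a, const char *b)
{
    if (a == NULL || b == NULL)
        return a == b;
    return strcmp(a, b) == 0;
}

/* True when both are NULL, or both are set and equal ignoring ASCII case. */
static bool safe_equal_nocase(const char *a, const char *b)
{
    if (a == NULL || b == NULL)
        return a == b;
    return strcasecmp(a, b) == 0;
}

/* Flawed matcher reproducing the two defects the advisory describes:
 * paths are compared case-insensitively and issuercert is never consulted. */
bool config_matches_flawed(const struct tls_config *a, const struct tls_config *b)
{
    return safe_equal_nocase(a->cafile, b->cafile) &&
           safe_equal_nocase(a->capath, b->capath) &&
           safe_equal_nocase(a->clientcert, b->clientcert);
}

/* Corrected matcher: every path is compared exactly (file systems may be
 * case sensitive) and issuercert is part of the comparison. */
bool config_matches_fixed(const struct tls_config *a, const struct tls_config *b)
{
    return safe_equal(a->cafile, b->cafile) &&
           safe_equal(a->capath, b->capath) &&
           safe_equal(a->clientcert, b->clientcert) &&
           safe_equal(a->issuercert, b->issuercert);
}

/* Constructed sample: three transfer configs that differ from a base config in
 * a way that must prevent connection reuse. Returns how many of them the given
 * matcher would wrongly report as matching the base. */
int count_wrong_reuse(bool (*matches)(const struct tls_config *, const struct tls_config *))
{
    const struct tls_config base =
        { "/etc/ssl/ca.pem", NULL, "/home/user/client.pem", NULL };
    const struct tls_config cases[3] = {
        /* CA bundle path differs only in case */
        { "/etc/ssl/CA.pem", NULL, "/home/user/client.pem", NULL },
        /* client certificate path differs only in case */
        { "/etc/ssl/ca.pem", NULL, "/home/User/client.pem", NULL },
        /* issuer certificate set on one side only */
        { "/etc/ssl/ca.pem", NULL, "/home/user/client.pem", "/etc/ssl/issuer.pem" },
    };
    int wrong = 0;
    for (size_t i = 0; i < 3; i++)
        if (matches(&base, &cases[i]))
            wrong++;
    return wrong;
}

int main(void)
{
    printf("flawed matcher wrongly reuses %d of 3 connections\n",
           count_wrong_reuse(config_matches_flawed));
    printf("fixed matcher wrongly reuses %d of 3 connections\n",
           count_wrong_reuse(config_matches_fixed));
    return 0;
}
```

The exact comparison is the safe default even on case-insensitive file systems: at worst a connection is not reused and a new TLS handshake is performed, whereas a false match hands a transfer a connection whose server certificate was verified under a different policy.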

Vulnerable Products

haxx libcurl

fedoraproject fedora 33

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

netapp cloud backup -

netapp clustered data ontap -

netapp solidfire & hci management node -

netapp solidfire baseboard management controller firmware -

oracle peoplesoft enterprise peopletools 8.57

oracle peoplesoft enterprise peopletools 8.58

oracle peoplesoft enterprise peopletools 8.59

oracle mysql server

siemens sinec infrastructure network services

siemens sinema remote connect server

siemens logo!_cmr2040_firmware

siemens logo!_cmr2020_firmware

siemens ruggedcomrm_1224_lte_firmware

siemens scalance_m804pb_firmware

siemens scalance_m812-1_firmware

siemens scalance_m816-1_firmware

siemens scalance_m826-2_firmware

siemens scalance_m874-2_firmware

siemens scalance_m874-3_firmware

siemens scalance_m876-3_firmware

siemens scalance_m876-4_firmware

siemens scalance_mum856-1_firmware

siemens scalance_s615_firmware

siemens simatic_cp_1543-1_firmware

siemens simatic_cp_1545-1_firmware

siemens simatic_rtu3010c_firmware

siemens simatic_rtu3030c_firmware

siemens simatic_rtu3031c_firmware

siemens simatic_rtu_3041c_firmware

siemens sinema remote connect

siemens siplus_net_cp_1543-1_firmware

splunk universal forwarder 9.1.0

splunk universal forwarder

Vendor Advisories

Synopsis Moderate: rh-dotnet31-curl security update. Type/Severity: Security Advisory: Moderate. Topic: An update for rh-dotnet31-curl is now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rat ...
Debian Bug report logs - #991492 curl: CVE-2021-22924. Package: src:curl; Maintainer for src:curl is Alessandro Ghedini <ghedo@debian.org>; Reported by: Moritz Mühlenhoff <jmm@inutil.org>. Date: Sun, 25 Jul 2021 19:09:02 UTC. Severity: important. Tags: fixed-upstream, security, upstream. Found in version curl/7.74.0-13 ...
Multiple security vulnerabilities have been discovered in cURL, an URL transfer library. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack. For the stable distribution (bullseye), these problems have been fixed in version 7.74.0-13+deb11u2. We ...
A flaw was found in libcurl in the way libcurl handles previously used connections without accounting for 'issuer cert' and comparing the involved paths case-insensitively. This flaw allows libcurl to use the wrong connection. The highest threat from this vulnerability is to confidentiality. (CVE-2021-22924) ...
A flaw was found in the way curl handled the telnet protocol option for sending environment variables, which could lead to sending of uninitialized data from a stack-based buffer to the server. This issue leads to potentially revealing sensitive internal information to the server using a clear-text network protocol. (CVE-2021-22898) A flaw was found in ...
A security issue has been found in curl before version 7.78.0. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take 'issuer cert' into account and it compared the involved paths case insensitively, whi ...