4.3
CVSSv2

CVE-2021-3449

Published: 25/03/2021 Updated: 20/10/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

On March 25, 2021, the OpenSSL Project released a security advisory, OpenSSL Security Advisory [25 March 2021], that disclosed two vulnerabilities. Exploitation of these vulnerabilities could allow an malicious user to use a valid non-certificate authority (CA) certificate to act as a CA and sign a certificate for an arbitrary organization, user or device, or to cause a denial of service (DoS) condition. This advisory will be updated as additional information becomes available. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl

debian debian linux 9.0

debian debian linux 10.0

freebsd freebsd 12.2

netapp active iq unified manager -

netapp cloud volumes ontap mediator -

netapp e-series performance analyzer -

netapp oncommand insight -

netapp oncommand workflow automation -

netapp ontap select deploy administration utility -

netapp santricity smi-s provider -

netapp snapcenter -

netapp storagegrid -

tenable log correlation engine

tenable nessus

tenable nessus network monitor 5.11.0

tenable nessus network monitor 5.11.1

tenable nessus network monitor 5.12.0

tenable nessus network monitor 5.12.1

tenable nessus network monitor 5.13.0

tenable tenable.sc

fedoraproject fedora 34

mcafee web gateway 8.2.19

mcafee web gateway 9.2.10

mcafee web gateway 10.1.1

mcafee web gateway cloud service 8.2.19

mcafee web gateway cloud service 9.2.10

mcafee web gateway cloud service 10.1.1

checkpoint quantum_security_management_firmware r80.40

checkpoint quantum_security_management_firmware r81

checkpoint multi-domain_management_firmware r80.40

checkpoint multi-domain_management_firmware r81

checkpoint quantum_security_gateway_firmware r80.40

checkpoint quantum_security_gateway_firmware r81

oracle essbase 21.2

oracle graalvm 19.3.5

oracle graalvm 20.3.1.2

oracle graalvm 21.0.0.2

oracle mysql connectors

oracle mysql server

oracle mysql workbench

oracle peoplesoft enterprise peopletools 8.57

oracle peoplesoft enterprise peopletools 8.58

oracle peoplesoft enterprise peopletools 8.59

oracle secure global desktop 5.6

oracle zfs storage appliance kit 8.8

sonicwall sma100_firmware

sonicwall capture client 3.5

sonicwall sonicos 7.0.1.0

siemens ruggedcom_rcm1224_firmware

siemens scalance_lpe9403_firmware

siemens scalance_m-800_firmware

siemens scalance_s602_firmware

siemens scalance_s612_firmware

siemens scalance_s615_firmware

siemens scalance_s623_firmware

siemens scalance_s627-2m_firmware

siemens scalance_sc-600_firmware

siemens scalance_w700_firmware

siemens scalance_w1700_firmware

siemens scalance_xb-200_firmware

siemens scalance_xc-200_firmware

siemens scalance_xf-200ba_firmware

siemens scalance_xm-400_firmware

siemens scalance_xp-200_firmware

siemens scalance_xr-300wg_firmware

siemens scalance_xr524-8c_firmware

siemens scalance_xr526-8c_firmware

siemens scalance_xr528-6m_firmware

siemens scalance_xr552-12_firmware

siemens simatic_cloud_connect_7_firmware -

siemens simatic_cloud_connect_7_firmware

siemens simatic_cp_1242-7_gprs_v2_firmware -

siemens simatic_cp_1242-7_gprs_v2_firmware

siemens simatic_hmi_basic_panels_2nd_generation_firmware

siemens simatic_hmi_comfort_outdoor_panels_firmware

siemens simatic_hmi_ktp_mobile_panels_firmware

siemens simatic_mv500_firmware

siemens simatic_net_cp_1243-1_firmware

siemens simatic_net_cp1243-7_lte_eu_firmware

siemens simatic_net_cp1243-7_lte_us_firmware

siemens simatic_net_cp_1243-8_irc_firmware

siemens simatic_net_cp_1542sp-1_irc_firmware

siemens simatic_net_cp_1543-1_firmware

siemens simatic_net_cp_1543sp-1_firmware

siemens simatic_net_cp_1545-1_firmware

siemens simatic_pcs_7_telecontrol_firmware

siemens simatic_pcs_neo_firmware

siemens simatic_pdm_firmware

siemens simatic_process_historian_opc_ua_server_firmware

siemens simatic_rf166c_firmware

siemens simatic_rf185c_firmware

siemens simatic_rf186c_firmware

siemens simatic_rf186ci_firmware

siemens simatic_rf188c_firmware

siemens simatic_rf188ci_firmware

siemens simatic_rf360r_firmware

siemens simatic_s7-1200_cpu_1211c_firmware

siemens simatic_s7-1200_cpu_1212c_firmware

siemens simatic_s7-1200_cpu_1212fc_firmware

siemens simatic_s7-1200_cpu_1214_fc_firmware

siemens simatic_s7-1200_cpu_1214c_firmware

siemens simatic_s7-1200_cpu_1215_fc_firmware

siemens simatic_s7-1200_cpu_1215c_firmware

siemens simatic_s7-1200_cpu_1217c_firmware

siemens simatic_s7-1500_cpu_1518-4_pn\\/dp_mfp_firmware

siemens sinamics_connect_300_firmware

siemens tim_1531_irc_firmware

siemens simatic logon 1.5

siemens simatic logon

siemens simatic wincc runtime advanced

siemens simatic wincc telecontrol -

siemens sinec nms 1.0

siemens sinec pni -

siemens sinema server 14.0

siemens sinumerik opc ua server

siemens tia administrator

Vendor Advisories

A NULL pointer dereference was found in the signature_algorithms processing in OpenSSL, a Secure Sockets Layer toolkit, which could result in denial of service Additional details can be found in the upstream advisory: wwwopensslorg/news/secadv/20210325txt For the stable distribution (buster), this problem has been fixed in version 111 ...
The z/TPF version of OpenSSL was updated to address the vulnerability described by CVE-2021-3449 ...
Security vulnerabilities have been disclosed on 25h March 2021 by the OpenSSL Project OpenSSl is used by IBM Sterling Connect:Express for UNIX IBM Sterling Connect:Express for UNIX has addressed the applicable CVE ...
A flaw was found in openssl A server crash and denial of service attack could occur if a client sends a TLSv12 renegotiation ClientHello and omits the signature_algorithms extension but includes a signature_algorithms_cert extension The highest threat from this vulnerability is to system availability ...
Arch Linux Security Advisory ASA-202103-10 ========================================== Severity: High Date : 2021-03-25 CVE-ID : CVE-2021-3449 CVE-2021-3450 Package : openssl Type : multiple issues Remote : Yes Link : securityarchlinuxorg/AVG-1736 Summary ======= The package openssl before version 111k-1 is vulnerable to m ...
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client If a TLSv12 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a ...
Nessus leverages third-party software to help provide underlying functionality One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bundled OpenSSL components to address the poten ...
Tenablesc leverages third-party software to help provide underlying functionality One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bundled OpenSSL components to address the p ...
On March 25, 2021, the OpenSSL Project released a security advisory, OpenSSL Security Advisory [25 March 2021], that disclosed two vulnerabilities Exploitation of these vulnerabilities could allow an attacker to use a valid non-certificate authority (CA) certificate to act as a CA and sign a certificate for an arbitrary organization, user or devic ...
A vulnerability (CVE-2021-3449) exists in JP1/Base and JP1/ File Transmission Server/FTP Affected products and versions are listed below Please upgrade your version to the appropriate version ...
Multiple vulnerabilities have been found in Hitachi Ops Center Common Services CVE-2021-3449, CVE-2021-3450, CVE-2021-23840, CVE-2021-23841 Affected products and versions are listed below Please upgrade your version to the appropriate version ...
Nessus Network Monitor leverages third-party software to help provide underlying functionality One of the third-party components (OpenSSL) was found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bundled OpenSSL components to a ...
Multiple vulnerabilities have been found in Hitachi Ops Center Analyzer viewpoint CVE-2020-1971, CVE-2021-3393, CVE-2021-3449, CVE-2021-3450, CVE-2021-23840, CVE-2021-23841 Affected products and versions are listed below Please upgrade your version to the appropriate version ...
Tenable Log Correlation Engine leverages third-party software to help provide underlying functionality Two separate third-party components (OpenSSL, jQuery) were found to contain vulnerabilities, and updated versions have been made available by the providers Out of caution and in line with good practice, Tenable opted to upgrade the bundled Open ...
Multiple vulnerabiilities in XStream, Java, OpenSSL, WebSphere Application Server Liberty and Nodejs may affect IBM Spectrum Control The Java vulnerabilities were disclosed as part of the IBM Java SDK updates in October 2020 and January 2021 ...

Mailing Lists

Hi, As many of you are aware, the OpenSSL project provides pre-notification of vulnerability disclosures The way they do it is by posting to the public OpenSSL mailing lists (see "Forthcoming OpenSSL release" below) and by contacting specific other projects/channels with an offer to provide the actual detail more privately only to those interest ...

Github Repositories

CVE-2021-3449 PoC exploit Usage: go run -host hostname:port This program implements a proof-of-concept exploit of CVE-2021-3449 affecting OpenSSL servers pre-111k if TLSv12 secure renegotiation is accepted It connects to a TLSv12 server and immediately initiates an RFC 5746 "secure renegotiation" The attack involves a maliciously-crafted ClientHello that cause

podcast-dl-gael A simple script I use to download podcasts from YouTube and RSS feeds It uses youtube-dl and a (badly) written bash script Files are then synchronized to my laptop and mobile using syncthing Caveat: It suits MY needs and is provided as-is It's FOSS Use it for whatever you want Usage List your YouTube video or playlist URLs here (one Youtube URL per l

NSAPool-PenTest PenTest audit Ce qu'on a pu trouver Au premier abord sur le site on peut remarquer qu'il y a plusieurs pages accessibles En regardant de plus près on voit que chacune peut passer soit au format HTTPS aussi bien qu'HTTP Une des premières mesures a prendre serait donc d'autoriser uniquement des connections en HTTPS pour plus de

![[jellyfish_headerpng]] Year of the Jellyfish (YotJF) Bradley, rnbochsr | 4/23/2021 - 4/30/2021 Target configuration info Website IP changes each time the machine spins up URL: robyns-petshopthm Website Platform: AmazonAWS Version #? Web server: Apache 2429 Ubuntu Site runs using PicoCMS Version #? OpenSSH 59p1 and 76p1 OpenSSL 111k vsFTPd 303 Initi

Catlin Vulnerability Scanner This can be used to scan vulnerability in Tekton Tasks What is Trivy? Trivy (tri pronounced like trigger, vy pronounced like envy) is a simple and comprehensive vulnerability scanner for containers and other artifacts A software vulnerability is a glitch, flaw, or weakness present in the software or in an Operating System Trivy detects vulnerabi

TASSL-111k 新版本特性 1、基于开源openssl111k修改。相较于之前基于openssl111b版本的tassl,修复了以下漏洞: CVE-2019-1543 CVE-2019-1552 CVE-2019-1563 CVE-2019-1547 CVE-2019-1549 CVE-2020-1967 CVE-2020-1971 CVE-2021-23840 CVE-2021-23839 CVE-2021-23841 CVE-2021-3449 CVE-2021-3450 CVE-2021-3711 2、支持RFC 8998 ShangMi (SM) Cipher Suites for TLS

Vulnerability 纪念我们始终热爱的 来人皆是朋友 去人也不留 © Edge Security Team 本项目多数漏洞为互联网收集(多数均注明了原作者链接,如有侵权请联系我们删除,谢谢),部分漏洞进行了复现。 如有引用请注明文章内原作者链接,谢谢!!! 免责申明:项目所发布的资料\FOFA搜索语法\POC\EXP

PoC in GitHub 2021 CVE-2021-1056 (2021-01-07) NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidiako) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure pokerfaceSad/CVE-2021-1056 CVE-2021-

Recent Articles

OpenSSL shuts down two high-severity bugs: Flaws enable cert shenanigans, denial-of-service attacks
The Register • Thomas Claburn in San Francisco • 25 Mar 2021

Debian, Ubuntu ahead of the curve in patching at least – don't be late yourself How do you fix a problem like open-source security? Google has an idea, though constraints may not go down well

Two high-severity vulnerabilities in the OpenSSL software library were disclosed on Thursday alongside the release of a patched version of the software, OpenSSL 1.1.1k.
OpenSSL is widely used to implement the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols, which support encrypted network connections. Alternatives include BoringSSL and LibreSSL, among others.
The first flaw, a certificate check bypass (CVE-2021-3450), arose as a result of code implemented in v...

The Register

Two high-severity vulnerabilities in the OpenSSL software library were disclosed on Thursday alongside the release of a patched version of the software, OpenSSL 1.1.1k.
OpenSSL is widely used to implement the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols, which support encrypted network connections. Alternatives include BoringSSL and LibreSSL, among others.
The first flaw, a certificate check bypass (CVE-2021-3450), arose as a result of code implemented in v...

OpenSSL fixes severe DoS, certificate validation vulnerabilities
BleepingComputer • Ax Sharma • 01 Jan 1970

Today, the OpenSSL project has issued an advisory for two high-severity vulnerabilities CVE-2021-3449 and CVE-2021-3450 lurking in OpenSSL products.
OpenSSL is a commonly used software library for building networking applications and servers that need to establish secure communications.
These flaws include:
The DoS vulnerability (CVE-2021-3449) in OpenSSL TLS server can cause the server to crash if during the course of renegotiation the client sends a malicious 
 m...

References

CWE-476https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148https://www.openssl.org/news/secadv/20210325.txthttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJdhttps://www.debian.org/security/2021/dsa-4875https://security.netapp.com/advisory/ntap-20210326-0006/https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.aschttp://www.openwall.com/lists/oss-security/2021/03/27/1http://www.openwall.com/lists/oss-security/2021/03/27/2http://www.openwall.com/lists/oss-security/2021/03/28/3http://www.openwall.com/lists/oss-security/2021/03/28/4https://security.gentoo.org/glsa/202103-03https://www.tenable.com/security/tns-2021-06https://www.tenable.com/security/tns-2021-05https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/https://kc.mcafee.com/corporate/index?page=content&id=SB10356https://www.tenable.com/security/tns-2021-09https://security.netapp.com/advisory/ntap-20210513-0002/https://www.tenable.com/security/tns-2021-10https://www.oracle.com/security-alerts/cpuApr2021.htmlhttps://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdfhttps://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013https://www.oracle.com//security-alerts/cpujul2021.htmlhttps://lists.debian.org/debian-lts-announce/2021/08/msg00029.htmlhttps://www.oracle.com/security-alerts/cpuoct2021.htmlhttps://github.com/terorie/cve-2021-3449https://nvd.nist.govhttps://www.openssl.org/news/secadv/20210325.txthttps://www.debian.org/security/2021/dsa-4875https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd