Details of VAR-202106-0520

ID

VAR-202106-0520

CVE

CVE-2021-22897

TITLE

curl Vulnerability in Resource Leakage to Wrong Domain

Trust: 0.8

sources: JVNDB: JVNDB-2021-008166

DESCRIPTION

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly. curl Is vulnerable to a resource leak to the wrong area.Information may be obtained. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. curl has a security vulnerability stemming from libcurl allowing applications to specify specific TLS ciphers to use in transit using an option called CURLOPT SSL CIPHER LIST

Trust: 2.34

sources: NVD: CVE-2021-22897 // JVNDB: JVNDB-2021-008166 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-381371 // VULMON: CVE-2021-22897

AFFECTED PRODUCTS

vendor:	oracle	model:	mysql server	scope:	lte	version:	8.0.25	Trust: 1.0
vendor:	netapp	model:	h300s	scope:	eq	version:	-	Trust: 1.0
vendor:	haxx	model:	curl	scope:	lte	version:	7.76.1	Trust: 1.0
vendor:	netapp	model:	h410s	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	mysql server	scope:	lte	version:	5.7.34	Trust: 1.0
vendor:	netapp	model:	hci compute node	scope:	eq	version:	-	Trust: 1.0
vendor:	splunk	model:	universal forwarder	scope:	eq	version:	9.1.0	Trust: 1.0
vendor:	oracle	model:	essbase	scope:	lt	version:	11.1.2.4.047	Trust: 1.0
vendor:	oracle	model:	essbase	scope:	lt	version:	21.3	Trust: 1.0
vendor:	oracle	model:	mysql server	scope:	gte	version:	8.0.0	Trust: 1.0
vendor:	netapp	model:	solidfire \& hci management node	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h700s	scope:	eq	version:	-	Trust: 1.0
vendor:	splunk	model:	universal forwarder	scope:	lt	version:	8.2.12	Trust: 1.0
vendor:	oracle	model:	communications cloud native core service communication proxy	scope:	eq	version:	1.15.0	Trust: 1.0
vendor:	netapp	model:	solidfire\, enterprise sds \& hci storage node	scope:	eq	version:	-	Trust: 1.0
vendor:	splunk	model:	universal forwarder	scope:	lt	version:	9.0.6	Trust: 1.0
vendor:	oracle	model:	communications cloud native core binding support function	scope:	eq	version:	1.11.0	Trust: 1.0
vendor:	siemens	model:	sinec infrastructure network services	scope:	lt	version:	1.0.1.1	Trust: 1.0
vendor:	netapp	model:	solidfire baseboard management controller	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	communications cloud native core network function cloud native environment	scope:	eq	version:	1.10.0	Trust: 1.0
vendor:	splunk	model:	universal forwarder	scope:	gte	version:	9.0.0	Trust: 1.0
vendor:	netapp	model:	h500e	scope:	eq	version:	-	Trust: 1.0
vendor:	haxx	model:	curl	scope:	gte	version:	7.61.0	Trust: 1.0
vendor:	netapp	model:	h700e	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	h300e	scope:	eq	version:	-	Trust: 1.0
vendor:	netapp	model:	cloud backup	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	communications cloud native core network repository function	scope:	eq	version:	1.15.0	Trust: 1.0
vendor:	oracle	model:	communications cloud native core network slice selection function	scope:	eq	version:	1.8.0	Trust: 1.0
vendor:	netapp	model:	h500s	scope:	eq	version:	-	Trust: 1.0
vendor:	oracle	model:	communications cloud native core network repository function	scope:	eq	version:	1.15.1	Trust: 1.0
vendor:	splunk	model:	universal forwarder	scope:	gte	version:	8.2.0	Trust: 1.0
vendor:	oracle	model:	essbase	scope:	gte	version:	21.0	Trust: 1.0
vendor:	netapp	model:	hci compute node	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	h300e	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	solidfire & hci management node	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	h300s	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	solidfire enterprise sds & hci storage node	scope:	-	version:	-	Trust: 0.8
vendor:	オラクル	model:	oracle essbase server	scope:	-	version:	-	Trust: 0.8
vendor:	オラクル	model:	mysql	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	solidfire baseboard management controller	scope:	-	version:	-	Trust: 0.8
vendor:	haxx	model:	curl	scope:	-	version:	-	Trust: 0.8
vendor:	netapp	model:	cloud backup	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-008166 // NVD: CVE-2021-22897

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-22897
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-22897
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202104-975
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202105-1688
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-381371
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2021-22897
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2021-22897
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-381371
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2021-22897
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
NVD:	CVE-2021-22897
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-381371 // VULMON: CVE-2021-22897 // JVNDB: JVNDB-2021-008166 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1688 // NVD: CVE-2021-22897

PROBLEMTYPE DATA

problemtype:	CWE-668	Trust: 1.1
problemtype:	CWE-840	Trust: 1.0
problemtype:	Leakage of resources to the wrong area (CWE-668) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-381371 // JVNDB: JVNDB-2021-008166 // NVD: CVE-2021-22897

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202105-1688

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:	Oracle Critical Patch Update Advisory - January 2022 Oracle Critical Patch Update	url:	https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511	Trust: 0.8
title:	Fixing measures for vulnerabilities of encryption problems in many products	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=154687	Trust: 0.6
title:	Red Hat: CVE-2021-22897	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2021-22897	Trust: 0.1
title:	Arch Linux Issues:	url:	https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2021-22897 log	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=4a9822530e6b610875f83ffc10e02aba	Trust: 0.1
title:	Siemens Security Advisories: Siemens Security Advisory	url:	https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d	Trust: 0.1

sources: VULMON: CVE-2021-22897 // JVNDB: JVNDB-2021-008166 // CNNVD: CNNVD-202105-1688

EXTERNAL IDS

db:	NVD	id:	CVE-2021-22897	Trust: 3.4
db:	HACKERONE	id:	1172857	Trust: 1.8
db:	SIEMENS	id:	SSA-389290	Trust: 1.8
db:	JVNDB	id:	JVNDB-2021-008166	Trust: 0.8
db:	CS-HELP	id:	SB2021041363	Trust: 0.6
db:	CNNVD	id:	CNNVD-202104-975	Trust: 0.6
db:	CS-HELP	id:	SB2021052719	Trust: 0.6
db:	CS-HELP	id:	SB2021060321	Trust: 0.6
db:	CS-HELP	id:	SB2021052620	Trust: 0.6
db:	CS-HELP	id:	SB2022031104	Trust: 0.6
db:	AUSCERT	id:	ESB-2023.3146	Trust: 0.6
db:	CNNVD	id:	CNNVD-202105-1688	Trust: 0.6
db:	VULHUB	id:	VHN-381371	Trust: 0.1
db:	ICS CERT	id:	ICSA-22-069-09	Trust: 0.1
db:	VULMON	id:	CVE-2021-22897	Trust: 0.1

sources: VULHUB: VHN-381371 // VULMON: CVE-2021-22897 // JVNDB: JVNDB-2021-008166 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1688 // NVD: CVE-2021-22897

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	Trust: 1.8
url:	https://security.netapp.com/advisory/ntap-20210727-0007/	Trust: 1.8
url:	https://curl.se/docs/cve-2021-22897.html	Trust: 1.8
url:	https://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511	Trust: 1.8
url:	https://hackerone.com/reports/1172857	Trust: 1.8
url:	https://www.oracle.com//security-alerts/cpujul2021.html	Trust: 1.8
url:	https://www.oracle.com/security-alerts/cpuapr2022.html	Trust: 1.8
url:	https://www.oracle.com/security-alerts/cpujan2022.html	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-22897	Trust: 1.4
url:	https://access.redhat.com/security/cve/cve-2021-22897	Trust: 0.7
url:	https://www.cybersecurity-help.cz/vdb/sb2021041363	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021052620	Trust: 0.6
url:	https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-was-identified-and-remediated-in-the-ibm-maas360-cloud-extender-v2-103-000-051-and-modules/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/curl-information-disclosure-via-concurrent-transfers-last-schannel-cipher-selection-35538	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021060321	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2021052719	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022031104	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.3146	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/668.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.cisa.gov/uscert/ics/advisories/icsa-22-069-09	Trust: 0.1

sources: VULHUB: VHN-381371 // VULMON: CVE-2021-22897 // JVNDB: JVNDB-2021-008166 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202105-1688 // NVD: CVE-2021-22897

SOURCES

db:	VULHUB	id:	VHN-381371
db:	VULMON	id:	CVE-2021-22897
db:	JVNDB	id:	JVNDB-2021-008166
db:	CNNVD	id:	CNNVD-202104-975
db:	CNNVD	id:	CNNVD-202105-1688
db:	NVD	id:	CVE-2021-22897

LAST UPDATE DATE

2024-08-14T13:17:53.518000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-381371	date:	2022-08-30T00:00:00
db:	VULMON	id:	CVE-2021-22897	date:	2022-08-30T00:00:00
db:	JVNDB	id:	JVNDB-2021-008166	date:	2022-03-07T02:20:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-14T00:00:00
db:	CNNVD	id:	CNNVD-202105-1688	date:	2023-06-05T00:00:00
db:	NVD	id:	CVE-2021-22897	date:	2024-03-27T15:47:40.347

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-381371	date:	2021-06-11T00:00:00
db:	VULMON	id:	CVE-2021-22897	date:	2021-06-11T00:00:00
db:	JVNDB	id:	JVNDB-2021-008166	date:	2022-03-07T00:00:00
db:	CNNVD	id:	CNNVD-202104-975	date:	2021-04-13T00:00:00
db:	CNNVD	id:	CNNVD-202105-1688	date:	2021-05-26T00:00:00
db:	NVD	id:	CVE-2021-22897	date:	2021-06-11T16:15:10.963