Vulnerability Name: CVE-2021-22897 (CCN-203609) Assigned: 2021-05-26 Published: 2021-05-26 Updated: 2022-08-30 Summary: curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this weakens transport security significantly. CVSS v3 Severity: 5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N )4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): NoneAvailibility (A): None
3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N )3.2 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): HighPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): NoneAvailibility (A): None
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): NoneAvailibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): HighAthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): NoneAvailibility (A): None
Vulnerability Type: CWE-668 Vulnerability Consequences: Obtain Information References: Source: MITRE Type: CNACVE-2021-22897 Source: CONFIRM Type: Patch, Third Party Advisoryhttps://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf Source: CCN Type: Project curl Security Advisory, May 26th 2021schannel cipher selection surprise Source: MISC Type: Patch, Vendor Advisoryhttps://curl.se/docs/CVE-2021-22897.html Source: XF Type: UNKNOWNcurl-cve202122897-info-disc(203609) Source: MISC Type: Patch, Third Party Advisoryhttps://github.com/curl/curl/commit/bbb71507b7bab52002f9b1e0880bed6a32834511 Source: MISC Type: Exploit, Issue Tracking, Third Party Advisoryhttps://hackerone.com/reports/1172857 Source: CONFIRM Type: Third Party Advisoryhttps://security.netapp.com/advisory/ntap-20210727-0007/ Source: CCN Type: IBM Security Bulletin 6479935 (MaaS360)A vulnerability was identified and remediated in the IBM MaaS360 Cloud Extender (V2.103.000.051) and Modules Source: CCN Type: IBM Security Bulletin 6510176 (PowerSC)Multiple vulnerabilities in Curl affect PowerSC Source: N/A Type: Patch, Third Party AdvisoryN/A Source: MISC Type: Patch, Third Party Advisoryhttps://www.oracle.com/security-alerts/cpuapr2022.html Source: MISC Type: Patch, Third Party Advisoryhttps://www.oracle.com/security-alerts/cpujan2022.html Vulnerable Configuration: Configuration 1 :cpe:/a:haxx:curl:*:*:*:*:*:*:*:* (Version >= 7.61.0 and <= 7.76.1)Configuration 2 :cpe:/a:oracle:mysql_server:*:*:*:*:*:*:*:* (Version >= 8.0.0 and <= 8.0.25)OR cpe:/a:oracle:essbase:*:*:*:*:*:*:*:* (Version >= 21.0 and < 21.3) OR cpe:/a:oracle:essbase:*:*:*:*:*:*:*:* (Version < 11.1.2.4.047) OR cpe:/a:oracle:mysql_server:*:*:*:*:*:*:*:* (Version <= 5.7.34) OR cpe:/a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:* OR cpe:/a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:* Configuration 3 :cpe:/a:netapp:cloud_backup:-:*:*:*:*:*:*:* OR cpe:/a:netapp:solidfire_&_hci_management_node:-:*:*:*:*:*:*:* OR cpe:/o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:* OR cpe:/a:netapp:solidfire,_enterprise_sds_&_hci_storage_node:-:*:*:*:*:*:*:* Configuration 4 :cpe:/o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:* AND cpe:/h:netapp:hci_compute_node:-:*:*:*:*:*:*:* Configuration 5 :cpe:/o:netapp:h300e_firmware:-:*:*:*:*:*:*:* AND cpe:/h:netapp:h300e:-:*:*:*:*:*:*:* Configuration 6 :cpe:/o:netapp:h300s_firmware:-:*:*:*:*:*:*:* AND cpe:/h:netapp:h300s:-:*:*:*:*:*:*:* Configuration 7 :cpe:/o:netapp:h410s_firmware:-:*:*:*:*:*:*:* AND cpe:/h:netapp:h410s:-:*:*:*:*:*:*:* Configuration 8 :cpe:/o:netapp:h500e_firmware:-:*:*:*:*:*:*:* AND cpe:/h:netapp:h500e:-:*:*:*:*:*:*:* Configuration 9 :cpe:/o:netapp:h500s_firmware:-:*:*:*:*:*:*:* AND cpe:/h:netapp:h500s:-:*:*:*:*:*:*:* Configuration 10 :cpe:/o:netapp:h700e_firmware:-:*:*:*:*:*:*:* AND cpe:/h:netapp:h700e:-:*:*:*:*:*:*:* Configuration 11 :cpe:/o:netapp:h700s_firmware:-:*:*:*:*:*:*:* AND cpe:/h:netapp:h700s:-:*:*:*:*:*:*:* Configuration 12 :cpe:/a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:* (Version < 1.0.1.1)Configuration CCN 1 :cpe:/a:curl:libcurl:7.61.0:*:*:*:*:*:*:* OR cpe:/a:curl:libcurl:7.62.0:*:*:*:*:*:*:* OR cpe:/a:curl:libcurl:7.63.0:*:*:*:*:*:*:* OR cpe:/a:curl:libcurl:7.65.0:*:*:*:*:*:*:* OR cpe:/a:curl:libcurl:7.64.0:*:*:*:*:*:*:* OR cpe:/a:curl:libcurl:7.65.3:*:*:*:*:*:*:* OR cpe:/a:curl:libcurl:7.67.0:*:*:*:*:*:*:* Denotes that component is vulnerable BACK
haxx curl *
oracle mysql server *
oracle essbase *
oracle essbase *
oracle mysql server *
oracle communications cloud native core network slice selection function 1.8.0
oracle communications cloud native core network repository function 1.15.0
oracle communications cloud native core network function cloud native environment 1.10.0
oracle communications cloud native core service communication proxy 1.15.0
oracle communications cloud native core network repository function 1.15.1
oracle communications cloud native core binding support function 1.11.0
netapp cloud backup -
netapp solidfire & hci management node -
netapp solidfire baseboard management controller firmware -
netapp solidfire, enterprise sds & hci storage node -
netapp hci compute node firmware -
netapp hci compute node -
netapp h300e firmware -
netapp h300e -
netapp h300s firmware -
netapp h300s -
netapp h410s firmware -
netapp h410s -
netapp h500e firmware -
netapp h500e -
netapp h500s firmware -
netapp h500s -
netapp h700e firmware -
netapp h700e -
netapp h700s firmware -
netapp h700s -
siemens sinec infrastructure network services *
curl libcurl 7.61.0
curl libcurl 7.62.0
curl libcurl 7.63.0
curl libcurl 7.65.0
curl libcurl 7.64.0
curl libcurl 7.65.3
curl libcurl 7.67.0