Vulnerability Name:

CVE-2022-35252 (CCN-234980)

Assigned:2022-08-31
Published:2022-08-31
Updated:2023-03-01
Summary:cURL libcurl is vulnerable to a denial of service, caused by a flaw when cookies contain control codes are later sent back to an HTTP(S) server. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a "sister site" to deny service to siblings.
CVSS v3 Severity:3.7 Low (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
3.2 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2022-35252

Source: support@hackerone.com
Type: Third Party Advisory
support@hackerone.com

Source: support@hackerone.com
Type: Third Party Advisory
support@hackerone.com

Source: CCN
Type: Project curl Security Advisory, August 31 2022
CVE-2022-35252: control code in cookie denial of service

Source: XF
Type: UNKNOWN
curl-cve202235252-dos(234980)

Source: support@hackerone.com
Type: Exploit, Issue Tracking, Third Party Advisory
support@hackerone.com

Source: support@hackerone.com
Type: Mailing List, Third Party Advisory
support@hackerone.com

Source: CCN
Type: oss-sec Mailing List, Wed, 31 Aug 2022 08:31:44 +0200 (CEST)
[SECURITY ADVISORY] CVE-2022-35252: control code in cookie denial of service (curl)

Source: support@hackerone.com
Type: Third Party Advisory
support@hackerone.com

Source: support@hackerone.com
Type: Third Party Advisory
support@hackerone.com

Source: support@hackerone.com
Type: Third Party Advisory
support@hackerone.com

Source: support@hackerone.com
Type: Third Party Advisory
support@hackerone.com

Source: CCN
Type: IBM Security Bulletin 6845365 (QRadar WinCollect Agent)
IBM QRadar Wincollect agent is vulnerable to using components with know vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6847643 (Spectrum Protect Plus)
Vulnerabilities in Linux Kernel, Golang Go, and cURL libcurl may affect IBM Spectrum Protect Plus

Source: CCN
Type: IBM Security Bulletin 6855601 (Rational ClearCase)
Multiple vulnerabilities in libcURL affect IBM Rational ClearCase ( CVE-2022-42915, CVE-2022-42916, CVE-2022-32221, CVE-2022-35252, CVE-2022-32205, CVE-2022-32206, CVE-2022-32207 )

Source: CCN
Type: IBM Security Bulletin 6856467 (PowerSC)
Multiple vulnerabilities in Curl affect PowerSC

Source: CCN
Type: IBM Security Bulletin 6984347 (Engineering Requirements Management DOORS)
IBM Engineering Requirements Management DOORS/DWA vulnerabilities fixes for 9.7.2.6

Source: CCN
Type: IBM Security Bulletin 6999605 (MQ Operator)
IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from curl, go and apr-util

Source: CCN
Type: IBM Security Bulletin 7005587 (Spectrum Protect Plus)
Vulnerabilities in cURL libcurl, PostgreSQL, PyPI cryptography, Node.js can affect IBM Spectrum Protect Plus

Source: CCN
Type: IBM Security Bulletin 7012459 (Spectrum Copy Data Management)
Vulnerabilities in Golang, Python, postgresql, cURL libcurl might affect IBM Spectrum Copy Data Management

Source: CCN
Type: IBM Security Bulletin 7014659 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 7015033 (Watson Speech Services Cartridge for Cloud Pak for Data)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in cURL libcurl (CVE-2022-35252)

Source: CCN
Type: Mend Vulnerability Database
CVE-2022-35252

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_copy_data_management:2.2.0.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7476
    P
    		curl-8.0.1-150400.5.23.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:727
    P
    		Security update for curl (Low)
    2022-09-02
    oval:org.opensuse.security:def:5305
    P
    		Security update for curl (Low) (in QA)
    2022-08-24
    oval:org.opensuse.security:def:6113
    P
    		Security update for curl (Low) (in QA)
    2022-08-24
    BACK
    ibm spectrum protect plus 10.1.0
    ibm cloud transformation advisor 2.0.1
    ibm spectrum copy data management 2.2.0.0