curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. When confusing the tickets, a HTTPS proxy can trick libcurl to use the wrong session ticket resume for the host and thereby circumvent the server TLS certificate check and make a MITM attack to be possible to perform unnoticed. Note that such a malicious HTTPS proxy needs to provide a certificate that curl will accept for the MITMed server for an attack to work - unless curl has been told to ignore the server certificate check.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
History
21 Nov 2024, 05:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf - Patch, Third Party Advisory | |
References | () https://curl.se/docs/CVE-2021-22890.html - Patch, Vendor Advisory | |
References | () https://hackerone.com/reports/1129529 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/ - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/ - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/ - Mailing List, Third Party Advisory | |
References | () https://security.gentoo.org/glsa/202105-36 - Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20210521-0007/ - Third Party Advisory | |
References | () https://www.oracle.com//security-alerts/cpujul2021.html - Third Party Advisory |
27 Mar 2024, 15:47
Type | Values Removed | Values Added |
---|---|---|
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/ - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/ - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:* |
|
First Time |
Splunk
Splunk universal Forwarder |
07 Nov 2023, 03:30
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-04-01 18:15
Updated : 2025-06-09 15:15
NVD link : CVE-2021-22890
Mitre link : CVE-2021-22890
CVE.ORG link : CVE-2021-22890
JSON object : View
Products Affected
netapp
- solidfire
- hci_management_node
- hci_storage_node
debian
- debian_linux
haxx
- libcurl
oracle
- communications_billing_and_revenue_management
- essbase
splunk
- universal_forwarder
siemens
- sinec_infrastructure_network_services
fedoraproject
- fedora
broadcom
- fabric_operating_system