CVE-2018-21029
published 2019-10-30CVE-2018-21029: systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability since hostname validation does not have anything to do with this issue (i.e. there is no hostname to be sent)
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | systemd | < systemd 244-1 (bookworm) | systemd 244-1 (bookworm) |
| fedoraproject | fedora | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cm1_systemd_239-31_on_cbl_mariner_1.0 | — | — |
| systemd_project | systemd | >= 0 < 244-1 | 244-1 |
| systemd_project | systemd | >= 0 < 244-1 | 244-1 |
| systemd_project | systemd | >= 0 < 244-1 | 244-1 |
| systemd_project | systemd | >= 0 < 244-1 | 244-1 |
| systemd_project | systemd | >= 239 < 244 | 244 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL