CVE-2021-20230
published 2021-02-23CVE-2021-20230: A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options…
PriorityP342high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
1.18%
63.8th percentile
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | stunnel4 | < stunnel4 3:5.56+dfsg-8 (bookworm) | stunnel4 3:5.56+dfsg-8 (bookworm) |
| msrc | cbl2_stunnel_5.70-1_on_cbl_mariner_2.0 | — | — |
| stunnel | stunnel | < 5.57 | 5.57 |
| stunnel | stunnel | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv7.5HIGH
vendor_debian7.5HIGH
vendor_msrc7.5HIGH
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
stunnel vulnerability
vendor_ubuntu·2024-07-18
CVE-2021-20230 stunnel vulnerability
Title: stunnel vulnerability
Summary: stunnel could allow unintended access to network services.
It was discovered that stunnel did not properly validate client
certificates when configured to use both the redirect and verifyChain
options. A remote attacker could potentially use this issue to obtain
sensitive information by accessing the tunneled service.
Instructions: In general, a standard system update will make all the necessary changes.
Microsoft
A flaw was found in stunnel before 5.57 where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certif
vendor_msrc·2021-02-09·CVSS 7.5
CVE-2021-20230 [HIGH] CWE-295 A flaw was found in stunnel before 5.57 where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certif
A flaw was found in stunnel before 5.57 where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority which is not the one accepted by the stunnel server to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sourc
Debian
CVE-2021-20230: stunnel4 - A flaw was found in stunnel before 5.57, where it improperly validates client ce...
vendor_debian·2021·CVSS 7.5
CVE-2021-20230 [HIGH] CVE-2021-20230: stunnel4 - A flaw was found in stunnel before 5.57, where it improperly validates client ce...
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
Scope: local
bookworm: resolved (fixed in 3:5.56+dfsg-8)
bullseye: resolved (fixed in 3:5.56+dfsg-8)
forky: resolved (fixed in 3:5.56+dfsg-8)
sid: resolved (fixed in 3:5.56+dfsg-8)
trixie: resolved (fixed in 3:5.56+dfsg-8)
Red Hat
stunnel: client certificate not correctly verified when redirect and verifyChain options are used
vendor_redhat·2020-10-11·CVSS 7.5
CVE-2021-20230 [HIGH] CWE-295 stunnel: client certificate not correctly verified when redirect and verifyChain options are used
stunnel: client certificate not correctly verified when redirect and verifyChain options are used
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
A flaw was found in stunnel, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, w
GHSA
GHSA-wwrq-59mq-v8w2: A flaw was found in stunnel before 5
ghsa_unreviewed·2022-05-24
CVE-2021-20230 [HIGH] CWE-295 GHSA-wwrq-59mq-v8w2: A flaw was found in stunnel before 5
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
OSV
CVE-2021-20230: A flaw was found in stunnel before 5
osv·2021-02-23·CVSS 7.5
CVE-2021-20230 [HIGH] CVE-2021-20230: A flaw was found in stunnel before 5
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://bugzilla.redhat.com/show_bug.cgi?id=1925226https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9https://security.gentoo.org/glsa/202105-02https://bugzilla.redhat.com/show_bug.cgi?id=1925226https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9https://security.gentoo.org/glsa/202105-02
2021-02-23
Published