Severity
5.3 MEDIUM
EPSS
0.8% (top 26.11% of scored CVEs)
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jun 11, 2021
Latest update: Oct 15, 2025

Description

curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising side-effect that if an application sets up multiple concurrent transfers, the last one that sets the ciphers will accidentally control the set used by all transfers. In a worst-case scenario, this wea
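The program below is an added C illustration of the defect class the description names; it is written for this page and is not libcurl's Schannel code. A "buggy" backend keeps the parsed cipher set in one static variable shared by every transfer, while a "fixed" backend keeps it in the per-connection state. The cipher names, the struct names and the small colon-separated-list parser are constructed for the example.

```c
/* Added illustration (not libcurl source): models the CVE-2021-22897 defect
 * class. The buggy backend stores the selected cipher set in a single static
 * variable shared by all transfers; the fixed backend stores it per
 * connection. Names and the parser are constructed for the example. */
#include <stdio.h>
#include <string.h>

#define MAX_CIPHERS 8
#define MAX_NAME 32

struct cipher_set {
    int count;
    char names[MAX_CIPHERS][MAX_NAME];
};

/* Parse a colon-separated cipher list (CURLOPT_SSL_CIPHER_LIST style).
 * Returns 0 on success, -1 on an empty list or an empty/oversized token. */
static int parse_cipher_list(const char *list, struct cipher_set *out)
{
    out->count = 0;
    if (!list || !*list)
        return -1;
    const char *p = list;
    while (*p && out->count < MAX_CIPHERS) {
        const char *end = strchr(p, ':');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len == 0 || len >= MAX_NAME)
            return -1;
        memcpy(out->names[out->count], p, len);
        out->names[out->count][len] = '\0';
        out->count++;
        if (!end)
            break;
        p = end + 1;
    }
    return 0;
}

/* Number of entries parsed from a list, or -1 if the list is rejected. */
static int parsed_count(const char *list)
{
    struct cipher_set s;
    return parse_cipher_list(list, &s) == 0 ? s.count : -1;
}

/* --- Buggy backend: one static set for the whole library --- */
static struct cipher_set g_ciphers;          /* shared by every transfer */

struct buggy_conn { const char *host; };

static int buggy_setup(struct buggy_conn *c, const char *host, const char *ciphers)
{
    c->host = host;
    return parse_cipher_list(ciphers, &g_ciphers);   /* overwrites for all */
}

/* First cipher this connection would offer in its handshake. */
static const char *buggy_handshake_cipher(const struct buggy_conn *c)
{
    (void)c;                                  /* per-connection state ignored */
    return g_ciphers.count ? g_ciphers.names[0] : NULL;
}

/* --- Fixed backend: the set lives in the per-connection state --- */
struct fixed_conn { const char *host; struct cipher_set ciphers; };

static int fixed_setup(struct fixed_conn *c, const char *host, const char *ciphers)
{
    c->host = host;
    return parse_cipher_list(ciphers, &c->ciphers);
}

static const char *fixed_handshake_cipher(const struct fixed_conn *c)
{
    return c->ciphers.count ? c->ciphers.names[0] : NULL;
}

/* Two concurrent transfers with different cipher choices. Returns 1 when the
 * backend honoured transfer A's own choice, 0 when transfer B's later
 * selection leaked into A. */
static int buggy_isolated(void)
{
    struct buggy_conn a, b;
    buggy_setup(&a, "bank.example", "CALG_AES_256:CALG_SHA_256");
    buggy_setup(&b, "cdn.example", "CALG_RC4");
    const char *offered = buggy_handshake_cipher(&a);
    return offered && strcmp(offered, "CALG_AES_256") == 0;
}

static int fixed_isolated(void)
{
    struct fixed_conn a, b;
    fixed_setup(&a, "bank.example", "CALG_AES_256:CALG_SHA_256");
    fixed_setup(&b, "cdn.example", "CALG_RC4");
    const char *offered = fixed_handshake_cipher(&a);
    return offered && strcmp(offered, "CALG_AES_256") == 0;
}

int main(void)
{
    printf("buggy backend keeps each transfer's ciphers: %s\n", buggy_isolated() ? "yes" : "no");
    printf("fixed backend keeps each transfer's ciphers: %s\n", fixed_isolated() ? "yes" : "no");
    return 0;
}
```

Running main() prints "no" for the buggy backend, because the second transfer's CALG_RC4 selection overwrote the first transfer's CALG_AES_256 before its handshake ran, and "yes" for the fixed one. The shape matters more than the names: whenever a per-handle option is cached in library-global storage the symptom only appears with concurrent handles, so a single-transfer test suite passes and the weaker cipher set reaches the wrong session in production.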

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 | Impact: 1.4

Affected Packages (12 packages)

Source     | Package                      | Affected versions
Alpine     | curl                         | < 0 (+12 more entries)
NVD        | haxx/curl                    | 7.61.0 through 7.76.1
CVEListV5  | https://github.com/curl/curl | 7.61.0 through 7.76.1
NVD        | oracle/essbase               | 21.0 through 21.3 (+1 more entry)
NVD        | splunk/universal_forwarder   | 8.2.0 through 8.2.12 (+2 more entries)
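As an added triage check (written for this page, not from the advisory or the curl project), the C function below classifies the first line of `curl -V` output: a build is in the affected window when the libcurl version is 7.61.0 through 7.76.1 inclusive and Schannel is listed as a TLS backend (older builds print the backend name as WinSSL). The sample lines are constructed in the format curl prints.

```c
/* Added check (not from the advisory or the curl project): decide from the
 * first line of `curl -V` whether a build falls in the CVE-2021-22897 window.
 * Affected when libcurl is 7.61.0 through 7.76.1 inclusive AND the line names
 * Schannel as a TLS backend (older builds print it as "WinSSL").
 * The sample lines in main() are constructed for the example. */
#include <stdio.h>
#include <string.h>

static int version_code(int major, int minor, int patch)
{
    return major * 10000 + minor * 100 + patch;
}

/* Pull "libcurl/X.Y.Z" out of the line. Returns 1 on success, 0 otherwise. */
static int parse_libcurl_version(const char *line, int *code)
{
    const char *p = strstr(line, "libcurl/");
    int a, b, c;
    if (!p || sscanf(p + strlen("libcurl/"), "%d.%d.%d", &a, &b, &c) != 3)
        return 0;
    *code = version_code(a, b, c);
    return 1;
}

/* 1 = in the affected window, 0 = not affected, -1 = line not parseable. */
int cve_2021_22897_affected(const char *version_line)
{
    int v;
    if (!parse_libcurl_version(version_line, &v))
        return -1;
    int in_window = v >= version_code(7, 61, 0) && v <= version_code(7, 76, 1);
    int schannel = strstr(version_line, "Schannel") != NULL ||
                   strstr(version_line, "WinSSL") != NULL;
    return in_window && schannel;
}

int main(void)
{
    /* Constructed samples in the shape of curl's first `-V` output line. */
    const char *samples[] = {
        "curl 7.70.0 (x86_64-pc-win32) libcurl/7.70.0 Schannel zlib/1.2.11",
        "curl 7.61.0 (x86_64-pc-win32) libcurl/7.61.0 WinSSL",
        "curl 7.76.1 (x86_64-pc-win32) libcurl/7.76.1 (OpenSSL/1.1.1k Schannel)",
        "curl 7.77.0 (x86_64-pc-win32) libcurl/7.77.0 Schannel zlib/1.2.11",
        "curl 7.70.0 (x86_64-pc-linux-gnu) libcurl/7.70.0 OpenSSL/1.1.1k zlib/1.2.11",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%2d  %s\n", cve_2021_22897_affected(samples[i]), samples[i]);
    return 0;
}
```

A positive result means the library is in range and built with the affected backend; actual exposure still requires an application that sets CURLOPT_SSL_CIPHER_LIST on more than one concurrent transfer, as the description states. Builds with several TLS backends list them in parentheses on the same line, which the substring match still catches.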

Patches

🔴 Vulnerability Details (3)

GHSA: GHSA-frcg-47mh-pj2g: curl 7 (2022-05-24)
OSV: CVE-2021-22897: curl 7 (2021-06-11)
CVEList: CVE-2021-22897: curl 7 (2021-06-11)

📋 Vendor Advisories (4)

Oracle: Oracle JD Edwards Risk Matrix: Enterprise Infrastructure SEC (curl), CVE-2021-22897 (2025-10-15)
Microsoft: curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The se... (2021-06-08)
Red Hat: curl: Cipher settings shared for all connections when using schannel TLS backend (2021-05-26)
Debian: CVE-2021-22897: curl - curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong sessio... (2021)

💬 Community (1)

HackerOne: CVE-2021-22897: schannel cipher selection surprise (2021-05-26)