CVE-2021-3450 — Improper Certificate Validation in Openssl

CWE-295 — Improper Certificate Validation CWE-476 — NULL Pointer Dereference16 documents10 sources

Severity

7.4HIGHNVD

EPSS

0.5%

top 33.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openssl Nodejs Node.js Oracle JD Edwards Enterpriseone Tools +24 more

Timeline

PublishedMar 25

Latest updateJul 15

Description

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. Thi…

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages27 packages

▶NVDopenssl/openssl1.1.1h — 1.1.1k

▶Debianopenssl/openssl< 1.1.1k-1+3

▶CVEListV5openssl/opensslFixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j)

▶NVDsonicwall/capture_client< 3.6.24

▶NVDoracle/mysql_server8.0.15 — 8.0.23+1

Also affects: Freebsd 12.2, Fedora 34

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

OSV

Certificate check bypass in openssl-src↗2021-08-25

▶

GHSA

Certificate check bypass in openssl-src↗2021-08-25

▶

OSV

CA certificate check bypass with X509_V_FLAG_X509_STRICT↗2021-05-01

▶

CVEList

CA certificate check bypass with X509_V_FLAG_X509_STRICT↗2021-03-25

▶

OSV

CVE-2021-3450: The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain↗2021-03-25

▶

📋Vendor Advisories

Oracle

Oracle Oracle Commerce Risk Matrix: Framework, Experience Manager (OpenSSL) — CVE-2021-3450↗2022-07-15

▶

Oracle

Oracle Oracle Enterprise Manager Risk Matrix: Privilege Management (OpenSSL) — CVE-2021-3450↗2022-04-15

▶

Oracle

Oracle Oracle Secure Backup Risk Matrix: Oracle Secure Backup (OpenSSL) — CVE-2021-3450↗2021-10-15

▶

Microsoft

OpenSSL: CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT↗2021-10-12

▶

Oracle

Oracle Oracle MySQL Risk Matrix: Connector/C++ (OpenSSL) — CVE-2021-3450↗2021-07-15

▶