Vulnerability Details CVE-2021-22924
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse, if one of them matches the setup. Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*, which could lead to libcurl reusing wrong connections. File paths are, or can be, case sensitive on many systems but not all, and can even vary depending on used file systems. The comparison also didn't include the 'issuer cert' which a transfer can set to qualify how to verify the server certificate.
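The matching flaw described above, modelled as an added example (not libcurl's code): a flawed matcher next to a strict one, run over constructed transfer settings. The struct, its field layout, the function names and the sample paths are all hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <strings.h> /* strcasecmp (POSIX) */

/* Hypothetical, simplified TLS settings of a transfer; not libcurl's own struct. */
struct tls_config {
  const char *cafile;     /* CA bundle path */
  const char *issuercert; /* issuer certificate path, NULL when unset */
};

/* NULL-safe path comparison; nocase selects the case-insensitive variant. */
static bool same_path(const char *a, const char *b, bool nocase)
{
  if(!a || !b)
    return a == b; /* both unset match; unset vs set does not */
  return (nocase ? strcasecmp(a, b) : strcmp(a, b)) == 0;
}

/* Flawed matcher as described: case-insensitive paths, issuercert ignored. */
bool matches_flawed(const struct tls_config *want, const struct tls_config *have)
{
  return same_path(want->cafile, have->cafile, true);
}

/* Strict matcher: byte-exact paths, and issuercert is part of the match. */
bool matches_strict(const struct tls_config *want, const struct tls_config *have)
{
  return same_path(want->cafile, have->cafile, false) &&
         same_path(want->issuercert, have->issuercert, false);
}

/* Constructed sample data: one pooled connection and four later transfers. */
const struct tls_config in_pool = {"/etc/pki/CA.pem", "/etc/pki/issuer-a.pem"};
const struct tls_config same_cfg = {"/etc/pki/CA.pem", "/etc/pki/issuer-a.pem"};
const struct tls_config case_diff = {"/etc/pki/ca.pem", "/etc/pki/issuer-a.pem"};
const struct tls_config issuer_diff = {"/etc/pki/CA.pem", "/etc/pki/issuer-b.pem"};
const struct tls_config issuer_unset = {"/etc/pki/CA.pem", NULL};

int main(void)
{
  const struct tls_config *t[] = {&same_cfg, &case_diff, &issuer_diff, &issuer_unset};
  for(int i = 0; i < 4; i++)
    printf("transfer %d: flawed reuse=%d strict reuse=%d\n", i,
           matches_flawed(t[i], &in_pool), matches_strict(t[i], &in_pool));
  return 0;
}
```

Only the first transfer has settings identical to the pooled connection; the flawed matcher accepts all four for reuse, while the strict one accepts only that first one.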
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.1%
CVSS Severity
CVSS v3 Score 3.7
CVSS v2 Score 4.3
Products affected by CVE-2021-22924
- cpe:2.3:a:haxx:libcurl:7.10.4
- cpe:2.3:a:haxx:libcurl:7.10.5
- cpe:2.3:a:haxx:libcurl:7.10.6
- cpe:2.3:a:haxx:libcurl:7.10.7
- cpe:2.3:a:haxx:libcurl:7.10.8
- cpe:2.3:a:haxx:libcurl:7.11.0
- cpe:2.3:a:haxx:libcurl:7.11.1
- cpe:2.3:a:haxx:libcurl:7.11.2
- cpe:2.3:a:haxx:libcurl:7.12.0
- cpe:2.3:a:haxx:libcurl:7.12.1
- cpe:2.3:a:haxx:libcurl:7.12.2
- cpe:2.3:a:haxx:libcurl:7.12.3
- cpe:2.3:a:haxx:libcurl:7.13.0
- cpe:2.3:a:haxx:libcurl:7.13.1
- cpe:2.3:a:haxx:libcurl:7.13.2
- cpe:2.3:a:haxx:libcurl:7.14.0
- cpe:2.3:a:haxx:libcurl:7.14.1
- cpe:2.3:a:haxx:libcurl:7.15.0
- cpe:2.3:a:haxx:libcurl:7.15.1
- cpe:2.3:a:haxx:libcurl:7.15.2
- cpe:2.3:a:haxx:libcurl:7.15.3
- cpe:2.3:a:haxx:libcurl:7.15.4
- cpe:2.3:a:haxx:libcurl:7.15.5
- cpe:2.3:a:haxx:libcurl:7.16.0
- cpe:2.3:a:haxx:libcurl:7.16.1
- cpe:2.3:a:haxx:libcurl:7.16.2
- cpe:2.3:a:haxx:libcurl:7.16.3
- cpe:2.3:a:haxx:libcurl:7.16.4
- cpe:2.3:a:haxx:libcurl:7.17.0
- cpe:2.3:a:haxx:libcurl:7.17.1
- cpe:2.3:a:haxx:libcurl:7.18.0
- cpe:2.3:a:haxx:libcurl:7.18.1
- cpe:2.3:a:haxx:libcurl:7.18.2
- cpe:2.3:a:haxx:libcurl:7.19.0
- cpe:2.3:a:haxx:libcurl:7.19.1
- cpe:2.3:a:haxx:libcurl:7.19.2
- cpe:2.3:a:haxx:libcurl:7.19.3
- cpe:2.3:a:haxx:libcurl:7.19.4
- cpe:2.3:a:haxx:libcurl:7.19.5
- cpe:2.3:a:haxx:libcurl:7.19.6
- cpe:2.3:a:haxx:libcurl:7.19.7
- cpe:2.3:a:haxx:libcurl:7.20.0
- cpe:2.3:a:haxx:libcurl:7.20.1
- cpe:2.3:a:haxx:libcurl:7.21.0
- cpe:2.3:a:haxx:libcurl:7.21.1
- cpe:2.3:a:haxx:libcurl:7.21.2
- cpe:2.3:a:haxx:libcurl:7.21.3
- cpe:2.3:a:haxx:libcurl:7.21.4
- cpe:2.3:a:haxx:libcurl:7.21.5
- cpe:2.3:a:haxx:libcurl:7.21.6
- cpe:2.3:a:haxx:libcurl:7.21.7
- cpe:2.3:a:haxx:libcurl:7.22.0
- cpe:2.3:a:haxx:libcurl:7.23.0
- cpe:2.3:a:haxx:libcurl:7.23.1
- cpe:2.3:a:haxx:libcurl:7.24.0
- cpe:2.3:a:haxx:libcurl:7.25.0
- cpe:2.3:a:haxx:libcurl:7.26.0
- cpe:2.3:a:haxx:libcurl:7.27.0
- cpe:2.3:a:haxx:libcurl:7.28.0
- cpe:2.3:a:haxx:libcurl:7.28.1
- cpe:2.3:a:haxx:libcurl:7.29.0
- cpe:2.3:a:haxx:libcurl:7.30.0
- cpe:2.3:a:haxx:libcurl:7.31.0
- cpe:2.3:a:haxx:libcurl:7.32.0
- cpe:2.3:a:haxx:libcurl:7.33.0
- cpe:2.3:a:haxx:libcurl:7.34.0
- cpe:2.3:a:haxx:libcurl:7.35.0
- cpe:2.3:a:haxx:libcurl:7.36.0
- cpe:2.3:a:haxx:libcurl:7.37.0
- cpe:2.3:a:haxx:libcurl:7.37.1
- cpe:2.3:a:haxx:libcurl:7.38.0
- cpe:2.3:a:haxx:libcurl:7.39
- cpe:2.3:a:haxx:libcurl:7.39.0
- cpe:2.3:a:haxx:libcurl:7.40.0
- cpe:2.3:a:haxx:libcurl:7.41.0
- cpe:2.3:a:haxx:libcurl:7.42
- cpe:2.3:a:haxx:libcurl:7.42.0
- cpe:2.3:a:haxx:libcurl:7.42.1
- cpe:2.3:a:haxx:libcurl:7.43.0
- cpe:2.3:a:haxx:libcurl:7.44.0
- cpe:2.3:a:haxx:libcurl:7.45.0
- cpe:2.3:a:haxx:libcurl:7.46.0
- cpe:2.3:a:haxx:libcurl:7.47.0
- cpe:2.3:a:haxx:libcurl:7.47.1
- cpe:2.3:a:haxx:libcurl:7.48.0
- cpe:2.3:a:haxx:libcurl:7.49.0
- cpe:2.3:a:haxx:libcurl:7.49.1
- cpe:2.3:a:haxx:libcurl:7.50.0
- cpe:2.3:a:haxx:libcurl:7.50.1
- cpe:2.3:a:haxx:libcurl:7.50.2
- cpe:2.3:a:haxx:libcurl:7.50.3
- cpe:2.3:a:haxx:libcurl:7.51.0
- cpe:2.3:a:haxx:libcurl:7.52.0
- cpe:2.3:a:haxx:libcurl:7.52.1
- cpe:2.3:a:haxx:libcurl:7.53.0
- cpe:2.3:a:haxx:libcurl:7.53.1
- cpe:2.3:a:haxx:libcurl:7.54.0
- cpe:2.3:a:haxx:libcurl:7.54.1
- cpe:2.3:a:haxx:libcurl:7.55.0
- cpe:2.3:a:haxx:libcurl:7.55.1
- cpe:2.3:a:haxx:libcurl:7.56.0
- cpe:2.3:a:haxx:libcurl:7.56.1
- cpe:2.3:a:haxx:libcurl:7.57.0
- cpe:2.3:a:haxx:libcurl:7.58.0
- cpe:2.3:a:haxx:libcurl:7.59.0
- cpe:2.3:a:haxx:libcurl:7.60.0
- cpe:2.3:a:haxx:libcurl:7.61.0
- cpe:2.3:a:haxx:libcurl:7.61.1
- cpe:2.3:a:haxx:libcurl:7.62.0
- cpe:2.3:a:haxx:libcurl:7.63.0
- cpe:2.3:a:haxx:libcurl:7.64.0
- cpe:2.3:a:haxx:libcurl:7.64.1
- cpe:2.3:a:haxx:libcurl:7.65.0
- cpe:2.3:a:haxx:libcurl:7.65.1
- cpe:2.3:a:haxx:libcurl:7.65.2
- cpe:2.3:a:haxx:libcurl:7.65.3
- cpe:2.3:a:haxx:libcurl:7.66.0
- cpe:2.3:a:haxx:libcurl:7.67.0
- cpe:2.3:a:haxx:libcurl:7.68.0
- cpe:2.3:a:haxx:libcurl:7.69.0
- cpe:2.3:a:haxx:libcurl:7.69.1
- cpe:2.3:a:haxx:libcurl:7.70.0
- cpe:2.3:a:haxx:libcurl:7.71.0
- cpe:2.3:a:haxx:libcurl:7.71.1
- cpe:2.3:a:haxx:libcurl:7.72.0
- cpe:2.3:a:haxx:libcurl:7.73.0
- cpe:2.3:a:haxx:libcurl:7.74.0
- cpe:2.3:a:haxx:libcurl:7.75.0
- cpe:2.3:a:netapp:cloud_backup:-
- cpe:2.3:a:netapp:clustered_data_ontap:-
- cpe:2.3:a:netapp:solidfire_&_hci_management_node:-
- cpe:2.3:a:oracle:mysql_server:5.7.0
- cpe:2.3:a:oracle:mysql_server:5.7.26
- cpe:2.3:a:oracle:mysql_server:5.7.27
- cpe:2.3:a:oracle:mysql_server:5.7.28
- cpe:2.3:a:oracle:mysql_server:5.7.32
- cpe:2.3:a:oracle:mysql_server:5.7.33
- cpe:2.3:a:oracle:mysql_server:5.7.34
- cpe:2.3:a:oracle:mysql_server:5.7.35
- cpe:2.3:a:oracle:mysql_server:5.7.36
- cpe:2.3:a:oracle:mysql_server:8.0.0
- cpe:2.3:a:oracle:mysql_server:8.0.15
- cpe:2.3:a:oracle:mysql_server:8.0.17
- cpe:2.3:a:oracle:mysql_server:8.0.22
- cpe:2.3:a:oracle:mysql_server:8.0.23
- cpe:2.3:a:oracle:mysql_server:8.0.24
- cpe:2.3:a:oracle:mysql_server:8.0.25
- cpe:2.3:a:oracle:mysql_server:8.0.26
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59
- cpe:2.3:a:siemens:sinec_infrastructure_network_services:-
- cpe:2.3:a:siemens:sinec_infrastructure_network_services:1.0.1
- cpe:2.3:a:siemens:sinema_remote_connect:-
- cpe:2.3:a:siemens:sinema_remote_connect:3.0
- cpe:2.3:a:siemens:sinema_remote_connect_server:-
- cpe:2.3:a:siemens:sinema_remote_connect_server:1.0
- cpe:2.3:a:siemens:sinema_remote_connect_server:1.1
- cpe:2.3:a:siemens:sinema_remote_connect_server:1.2
- cpe:2.3:a:siemens:sinema_remote_connect_server:1.3
- cpe:2.3:a:siemens:sinema_remote_connect_server:2.0
- cpe:2.3:a:siemens:sinema_remote_connect_server:3.0
- cpe:2.3:a:splunk:universal_forwarder:8.2.0
- cpe:2.3:a:splunk:universal_forwarder:8.2.10
- cpe:2.3:a:splunk:universal_forwarder:8.2.11
- cpe:2.3:a:splunk:universal_forwarder:8.2.6
- cpe:2.3:a:splunk:universal_forwarder:8.2.7
- cpe:2.3:a:splunk:universal_forwarder:8.2.8
- cpe:2.3:a:splunk:universal_forwarder:8.2.9
- cpe:2.3:a:splunk:universal_forwarder:9.0.0
- cpe:2.3:a:splunk:universal_forwarder:9.0.1
- cpe:2.3:a:splunk:universal_forwarder:9.0.2
- cpe:2.3:a:splunk:universal_forwarder:9.0.3
- cpe:2.3:a:splunk:universal_forwarder:9.0.4
- cpe:2.3:a:splunk:universal_forwarder:9.0.5
- cpe:2.3:a:splunk:universal_forwarder:9.1.0
- cpe:2.3:h:siemens:logo!_cmr2020:-
- cpe:2.3:h:siemens:logo!_cmr2040:-
- cpe:2.3:h:siemens:ruggedcomrm_1224_lte:-
- cpe:2.3:h:siemens:scalance_m804pb:-
- cpe:2.3:h:siemens:scalance_m812-1:-
- cpe:2.3:h:siemens:scalance_m816-1:-
- cpe:2.3:h:siemens:scalance_m826-2:-
- cpe:2.3:h:siemens:scalance_m874-2:-
- cpe:2.3:h:siemens:scalance_m874-3:-
- cpe:2.3:h:siemens:scalance_m876-3:-
- cpe:2.3:h:siemens:scalance_m876-4:-
- cpe:2.3:h:siemens:scalance_mum856-1:-
- cpe:2.3:h:siemens:scalance_s615:-
- cpe:2.3:h:siemens:simatic_cp_1543-1:-
- cpe:2.3:h:siemens:simatic_cp_1545-1:-
- cpe:2.3:h:siemens:simatic_rtu3010c:-
- cpe:2.3:h:siemens:simatic_rtu3030c:-
- cpe:2.3:h:siemens:simatic_rtu3031c:-
- cpe:2.3:h:siemens:simatic_rtu_3041c:-
- cpe:2.3:h:siemens:siplus_net_cp_1543-1:-
- cpe:2.3:o:debian:debian_linux:10.0
- cpe:2.3:o:debian:debian_linux:11.0
- cpe:2.3:o:debian:debian_linux:9.0
- cpe:2.3:o:fedoraproject:fedora:33
- cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-
- cpe:2.3:o:siemens:logo!_cmr2020_firmware:2.2
- cpe:2.3:o:siemens:logo!_cmr2040_firmware:2.2
- cpe:2.3:o:siemens:ruggedcomrm_1224_lte_firmware:*
- cpe:2.3:o:siemens:scalance_m804pb_firmware:-
- cpe:2.3:o:siemens:scalance_m812-1_firmware:-
- cpe:2.3:o:siemens:scalance_m816-1_firmware:-
- cpe:2.3:o:siemens:scalance_m826-2_firmware:-
- cpe:2.3:o:siemens:scalance_m874-2_firmware:-
- cpe:2.3:o:siemens:scalance_m874-3_firmware:-
- cpe:2.3:o:siemens:scalance_m876-3_firmware:-
- cpe:2.3:o:siemens:scalance_m876-4_firmware:-
- cpe:2.3:o:siemens:scalance_mum856-1_firmware:-
- cpe:2.3:o:siemens:scalance_s615_firmware:-
- cpe:2.3:o:siemens:scalance_s615_firmware:4.01
- cpe:2.3:o:siemens:scalance_s615_firmware:4.03
- cpe:2.3:o:siemens:scalance_s615_firmware:4.3
- cpe:2.3:o:siemens:scalance_s615_firmware:4.6
- cpe:2.3:o:siemens:scalance_s615_firmware:5.0
- cpe:2.3:o:siemens:scalance_s615_firmware:6.1
- cpe:2.3:o:siemens:scalance_s615_firmware:6.1.2
- cpe:2.3:o:siemens:scalance_s615_firmware:6.2
- cpe:2.3:o:siemens:scalance_s615_firmware:6.3
- cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:-
- cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:1.0.15
- cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:2.0
- cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:2.0.28
- cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:2.1
- cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:2.2
- cpe:2.3:o:siemens:simatic_cp_1545-1_firmware:-
- cpe:2.3:o:siemens:simatic_rtu3010c_firmware:-
- cpe:2.3:o:siemens:simatic_rtu3030c_firmware:-
- cpe:2.3:o:siemens:simatic_rtu3031c_firmware:-
- cpe:2.3:o:siemens:simatic_rtu_3041c_firmware:*
- cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:-
- cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:2.0.28