Lucene search

K
redhatcveRedhat.comRH:CVE-2021-22898
HistoryMay 26, 2021 - 9:45 a.m.

CVE-2021-22898

2021-05-2609:45:53
redhat.com
access.redhat.com
52

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

EPSS

0.002

Percentile

58.3%

A flaw was found in the way curl handled telnet protocol option for sending environment variables, which could lead to sending of uninitialized data from a stack-based buffer to the server. This issue leads to potentially revealing sensitive internal information to the server using a clear-text network protocol.

Mitigation

This issue can be avoided by not setting any telnet options for the curl command line tool (using the -t / --telnet-option command line option) or the libcurl library (using the CURLOPT_TELNETOPTIONS option) when telnet protocol is not meant to be used.

If telnet protocol needs to be used with curl / libcurl, along with the NEW_ENV telnet option, ensure that no environment variable set via the NEW_ENV option has the name or value longer than 127 bytes.

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

EPSS

0.002

Percentile

58.3%