CVE-2021-3450

2021-03-2514:58:02

redhat.com

access.redhat.com

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

65.4%

JSON

A flaw was found in openssl. The flag that enables additional security checks of certificates present in a certificate chain was not enabled allowing a confirmation step to verify that certificates in the chain are valid CA certificates is bypassed. The highest threat from this vulnerability is to data confidentiality and integrity.

Mitigation

The following conditions have to be met for an application compiled with OpenSSL to be vulnerable:

- the CA trusted by the system must issue or have issued certificates that don't include basic Key Usage extension.
- the CA certificates must not have path length constraint set to a value that would limit the certificate chain to just the subscriber certificates (i.e. CA certificate just above the subscriber cert must not have 0 as the path length constraint, and any CA above it must not have it increase by more than 1 for every level in the hierarchy)
- the attacker needs to have access to such subscriber certificate (without basic Key Usage and linking up to CAs without path length constraints or not effectively constraining certs issued by this certificate)
- the application under attack must use the X509_V_FLAG_X509_STRICT flag and must not set purpose for the certificate verification

if any of the above conditions are not met then the application compiled with OpenSSL is not vulnerable to the CVE.