Lucene search

[email protected]CVE-2021-23841

HistoryFeb 16, 2021 - 5:15 p.m.

CVE-2021-23841

2021-02-1617:15:13

CWE-476

[email protected]

web.nvd.nist.gov

1785

cve-2021-23841

openssl

x509_issuer_and_serial_hash

ddos

denial of service

security update

nvd

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.2%

JSON

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).

Affected configurations

NVD

Node

opensslopensslRange1.0.2–1.0.2y

opensslopensslRange1.1.1–1.1.1j

Node

debiandebian_linuxMatch10.0

Node

tenablenessus_network_monitorMatch5.11.0

tenablenessus_network_monitorMatch5.11.1

tenablenessus_network_monitorMatch5.12.0

tenablenessus_network_monitorMatch5.12.1

tenablenessus_network_monitorMatch5.13.0

tenabletenable.scRange5.13.0–5.17.0

Node

applesafariRange<14.1.1

appleipadosRange<14.6

appleiphone_osRange<14.6

applemacosRange11.1–11.4

Node

netapponcommand_insightMatch-

netapponcommand_workflow_automationMatch-

netappsnapcenterMatch-

Node

oraclebusiness_intelligenceMatch5.5.0.0.0enterprise

oraclebusiness_intelligenceMatch5.9.0.0.0enterprise

oraclebusiness_intelligenceMatch12.2.1.3.0enterprise

oraclebusiness_intelligenceMatch12.2.1.4.0enterprise

oraclecommunications_cloud_native_core_policyMatch1.15.0

oracleenterprise_manager_for_storage_managementMatch13.4.0.0

oracleenterprise_manager_ops_centerMatch12.4.0.0

oracleessbaseMatch21.2

oraclegraalvmMatch19.3.5enterprise

oraclegraalvmMatch20.3.1.2enterprise

oraclegraalvmMatch21.0.0.2enterprise

oraclejd_edwards_world_securityMatcha9.4

oraclemysql_enterprise_monitorRange<8.0.23

oraclemysql_serverRange<5.7.33

oraclemysql_serverRange8.0.15–8.0.23

oraclepeoplesoft_enterprise_peopletoolsMatch8.57

oraclepeoplesoft_enterprise_peopletoolsMatch8.58

oraclepeoplesoft_enterprise_peopletoolsMatch8.59

oraclezfs_storage_appliance_kitMatch8.8

Node

siemenssinec_insRange<1.0

siemenssinec_insMatch1.0-

siemenssinec_insMatch1.0sp1

CPENameOperatorVersion
openssl:opensslopenssllt1.0.2y
openssl:opensslopenssllt1.1.1j

CPE	Name	Operator	Version
openssl:openssl	openssl	lt	1.0.2y
openssl:openssl	openssl	lt	1.1.1j

CNA Affected

[
  {
    "product": "OpenSSL",
    "vendor": "OpenSSL",
    "versions": [
      {
        "status": "affected",
        "version": "Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i)"
      },
      {
        "status": "affected",
        "version": "Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x)"
      }
    ]
  }
]