CVE-2021-34599

Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certificate of the server to which the connection is made is not properly verified, the server connection is vulnerable to a man-in-the-middle attack.

CVSS v3 7.4 HIGH
CVSS v2.0 5.8 MEDIUM

7.4^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16959&token=3ce11e44a3277c4520d732ea2e630f2e06bd46ff&download	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:codesys:git:*:*:*:*:*:*:*:*

cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*

History

02 Dec 2021, 16:37

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~8.0~~	v2 : 5.8 v3 : 7.4
CPE		cpe:2.3:a:codesys:git:::::::: cpe:2.3:a:codesys:development_system::::::::
References	~~(CONFIRM) https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16959&token=3ce11e44a3277c4520d732ea2e630f2e06bd46ff&download -~~	(CONFIRM) https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16959&token=3ce11e44a3277c4520d732ea2e630f2e06bd46ff&download - Vendor Advisory

01 Dec 2021, 09:25

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-12-01 09:15

Updated : 2023-12-10 14:09

NVD link : CVE-2021-34599

Mitre link : CVE-2021-34599

CVE.ORG link : CVE-2021-34599

JSON object : View

Products Affected

codesys

development_system
git

CWE

CWE-295

Improper Certificate Validation

{"id": "CVE-2021-34599", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}, {"type": "Secondary", "source": "info@cert.vde.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}]}, "published": "2021-12-01T09:15:06.627", "references": [{"url": "https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16959&token=3ce11e44a3277c4520d732ea2e630f2e06bd46ff&download", "tags": ["Vendor Advisory"], "source": "info@cert.vde.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "info@cert.vde.com", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certificate of the server to which the connection is made is not properly verified, the server connection is vulnerable to a man-in-the-middle attack."}, {"lang": "es", "value": "Las versiones afectadas de CODESYS Git en Versiones anteriores a V1.1.0.0, carecen de la comprobaci\u00f3n de certificados en los protocolos de enlace HTTPS. CODESYS Git no implementa la comprobaci\u00f3n de certificados por defecto, por lo que no comprueba que el servidor proporcione un certificado HTTPS v\u00e1lido y confiable. Dado que el certificado del servidor con el que es realizada la conexi\u00f3n no es verificado apropiadamente, la conexi\u00f3n del servidor es vulnerable a un ataque de tipo man-in-the-middle"}], "lastModified": "2022-07-28T09:34:21.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:codesys:git:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E38BAFA3-A5E3-4DF4-94DE-8798CADEFE90", "versionEndExcluding": "1.1.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EE05318E-4AB4-4DEB-8E13-B152C27C7436", "versionEndExcluding": "3.5.17.0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "info@cert.vde.com"}