An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
References
Link | Resource |
---|---|
https://hackerone.com/reports/1892780 | Exploit Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html | Mailing List Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/ | Mailing List Third Party Advisory |
https://security.gentoo.org/glsa/202310-12 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20230420-0010/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
|
History
27 Mar 2024, 14:47
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk
Splunk universal Forwarder |
|
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:* |
07 Nov 2023, 04:09
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
20 Oct 2023, 18:45
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202310-12 - Third Party Advisory |
11 Oct 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Jun 2023, 19:29
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
First Time |
Netapp active Iq Unified Manager
Netapp h700s Netapp h700s Firmware Netapp h300s Debian Netapp h300s Firmware Netapp h410s Debian debian Linux Netapp h410s Firmware Netapp h500s Firmware Netapp Netapp h500s Netapp ontap 9 |
|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230420-0010/ - Third Party Advisory | |
CPE | cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_9:-:*:*:*:*:*:*:* |
21 Apr 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Apr 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Apr 2023, 13:54
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
|
First Time |
Fedoraproject
Fedoraproject fedora Haxx libcurl Haxx |
|
CWE | CWE-287 | |
References | (MISC) https://hackerone.com/reports/1892780 - Exploit, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/ - Mailing List, Third Party Advisory |
09 Apr 2023, 04:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Mar 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-30 20:15
Updated : 2024-03-27 14:47
NVD link : CVE-2023-27535
Mitre link : CVE-2023-27535
CVE.ORG link : CVE-2023-27535
JSON object : View
Products Affected
netapp
- h700s_firmware
- h300s_firmware
- h500s
- h300s
- h410s
- h700s
- h410s_firmware
- h500s_firmware
- active_iq_unified_manager
- ontap_9
splunk
- universal_forwarder
debian
- debian_linux
haxx
- libcurl
fedoraproject
- fedora