Vulnerability Report

CVE-2021-3450

Title: Oracle Mysql Connectors

Other

Proof Of Concept

No public PoC currently indexed for CVE-2021-3450.

CWE Category CWE-295
Published Date Mar 25, 2021
Modified Date Nov 21, 2024
Exploit Status Not Found
Score 7.4 CVSS v3.1
Exploit Probability (EPSS)
0.50%

Vulnerability Summary

CVE-2021-3450: The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a "purpose" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named "purpose" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).

Impacted Vendors

H
hpe 1
W
websense 1
N
nodejs 1
S
sonicwall 3
B
bea 1
N
nessus 1
R
redhat 1
O
oracle 13
M
mysql 1
S
symantec 1
T
tenable 3
J
joyent 1
N
netapp 5
T
tarantella 1
M
mcafee 2
O
openssl 1

Reference Links

http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210326-0006/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://www.openssl.org/news/secadv/20210325.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-08 https://www.tenable.com/security/tns-2021-09 http://www.openwall.com/lists/oss-security/2021/03/27/1 http://www.openwall.com/lists/oss-security/2021/03/27/2 http://www.openwall.com/lists/oss-security/2021/03/28/3 http://www.openwall.com/lists/oss-security/2021/03/28/4 https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2a40b7bc7b94dd7de897a74571e7024f0cf0d63b https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845 https://kc.mcafee.com/corporate/index?page=content&id=SB10356 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/ https://mta.openssl.org/pipermail/openssl-announce/2021-March/000198.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013 https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc https://security.gentoo.org/glsa/202103-03 https://security.netapp.com/advisory/ntap-20210326-0006/ https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd https://www.openssl.org/news/secadv/20210325.txt https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuApr2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://www.tenable.com/security/tns-2021-05 https://www.tenable.com/security/tns-2021-08 https://www.tenable.com/security/tns-2021-09
CVSS v3.1
Source Entity [email protected]
Severity HIGH
7.4
Attack Vector
NETWORK
Complexity
HIGH
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS v2.0
Source Entity [email protected]
Severity MEDIUM
5.8
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:M/Au:N/C:P/I:P/A:N

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2021-3450 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector NETWORK
Complexity HIGH
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Stack

No specific products linked.