CVE-2021-34433

In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeeds without verifying the server side's signature on the client side, if that signature is not included in the server's ServerKeyExchange.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://bugs.eclipse.org/bugs/show_bug.cgi?id=575281	Issue Tracking Vendor Advisory
https://bugs.eclipse.org/bugs/show_bug.cgi?id=575281	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:eclipse:californium::::::::
	cpe:2.3:a:eclipse:californium:3.0.0:m1::::::
	cpe:2.3:a:eclipse:californium:3.0.0:m2::::::
	cpe:2.3:a:eclipse:californium:3.0.0:m3::::::

History

21 Nov 2024, 06:10

Type	Values Removed	Values Added
References	~~() https://bugs.eclipse.org/bugs/show_bug.cgi?id=575281 - Issue Tracking, Vendor Advisory~~	() https://bugs.eclipse.org/bugs/show_bug.cgi?id=575281 - Issue Tracking, Vendor Advisory

Information

Published : 2021-08-20 17:15

Updated : 2024-11-21 06:10

NVD link : CVE-2021-34433

Mitre link : CVE-2021-34433

CVE.ORG link : CVE-2021-34433

JSON object : View

Products Affected

eclipse

californium

CWE

CWE-322

Key Exchange without Entity Authentication

CWE-347

Improper Verification of Cryptographic Signature

{"id": "CVE-2021-34433", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-08-20T17:15:07.687", "references": [{"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=575281", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "emo@eclipse.org"}, {"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=575281", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "emo@eclipse.org", "description": [{"lang": "en", "value": "CWE-322"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-347"}]}], "descriptions": [{"lang": "en", "value": "In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeeds without verifying the server side's signature on the client side, if that signature is not included in the server's ServerKeyExchange."}, {"lang": "es", "value": "En Eclipse Californium versiones 2.0.0 a 2.6.4 y 3.0.0-M1 a 3.0.0-M3, los handshakes DTLS basados en certificados (x509 y RPK) presentan \u00e9xito accidentalmente sin verificar la firma del lado del servidor en el lado del cliente, si esa firma no est\u00e1 incluida en el ServerKeyExchange del servidor."}], "lastModified": "2024-11-21T06:10:24.130", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:californium:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65A08A46-AE52-493B-BD3B-06B7F33A6199", "versionEndExcluding": "2.6.5", "versionStartIncluding": "2.0.0"}, {"criteria": "cpe:2.3:a:eclipse:californium:3.0.0:m1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9664425C-0BC8-42FA-A128-4888792AABD6"}, {"criteria": "cpe:2.3:a:eclipse:californium:3.0.0:m2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BAEC5E6-CADE-402A-8741-C6962C051A16"}, {"criteria": "cpe:2.3:a:eclipse:californium:3.0.0:m3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72226029-FA1A-41D5-BF95-A60C830C394A"}], "operator": "OR"}]}], "sourceIdentifier": "emo@eclipse.org"}