An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.
References
Link | Resource |
---|---|
https://hackerone.com/reports/1898475 | Exploit Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html | Mailing List |
https://security.gentoo.org/glsa/202310-12 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20230420-0010/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
|
History
27 Mar 2024, 14:46
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk
Splunk universal Forwarder |
|
CPE | cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:* |
20 Oct 2023, 18:43
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:broadcom:brocade_fabric_operating_system_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:clustered_data_ontap:9.0:-:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* |
|
First Time |
Netapp h500s Firmware
Netapp clustered Data Ontap Debian debian Linux Broadcom brocade Fabric Operating System Firmware Netapp h300s Broadcom Netapp h300s Firmware Debian Netapp Netapp h700s Firmware Netapp h410s Netapp h410s Firmware Netapp h500s Netapp h700s Netapp active Iq Unified Manager |
|
References | (MLIST) https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html - Mailing List | |
References | (GENTOO) https://security.gentoo.org/glsa/202310-12 - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230420-0010/ - Third Party Advisory |
11 Oct 2023, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-03-30 20:15
Updated : 2024-03-27 14:46
NVD link : CVE-2023-27538
Mitre link : CVE-2023-27538
CVE.ORG link : CVE-2023-27538
JSON object : View
Products Affected
netapp
- h300s
- h300s_firmware
- h500s_firmware
- h700s_firmware
- h700s
- h500s
- h410s_firmware
- h410s
- clustered_data_ontap
- active_iq_unified_manager
haxx
- libcurl
broadcom
- brocade_fabric_operating_system_firmware
fedoraproject
- fedora
debian
- debian_linux
splunk
- universal_forwarder