canonical ubuntu-linux CVE-2021-22925 vulnerability in Canonical and Other Products
Published on August 5, 2021

product logo product logo product logo product logo product logo product logo product logo product logo product logo
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.

Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2021-22925 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. An automatable proof of concept (POC) exploit exists. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
LOW
Integrity Impact:
NONE
Availability Impact:
NONE

Weakness Type

What is an Information Disclosure Vulnerability?

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CVE-2021-22925 has been classified to as an Information Disclosure vulnerability or weakness.


Products Associated with CVE-2021-22925

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-22925 are published in these products:

Canonical Ubuntu Linux
 
Haxx Curl
 
Fedora Project Fedora
 
NetApp Clustered Data Ontap
 
NetApp Hci Management Node
 
NetApp Solidfire
 
Apple macOS
 
Oracle MySQL
 
Oracle Peoplesoft Enterprise Peopletools
 
Siemens Sinec Infrastructure Network Services
 
NetApp Cloud Backup
 
Siemens Sinema Remote Connect Server
 
Splunk Universal Forwarder
 

Exploit Probability

EPSS
0.42%
Percentile
62.22%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.