canonical ubuntu-linux CVE-2021-22946 vulnerability in Canonical and Other Products
Published on September 29, 2021

product logo product logo product logo product logo product logo product logo product logo product logo product logo product logo
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2021-22946 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. An automatable proof of concept (POC) exploit exists. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
NONE
Availability Impact:
NONE

Weakness Types

Missing Cryptographic Step

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

Cleartext Transmission of Sensitive Information

The software transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. Many communication channels can be "sniffed" by attackers during data transmission. For example, network traffic can often be sniffed by any attacker who has access to a network interface. This significantly lowers the difficulty of exploitation by attackers.


Products Associated with CVE-2021-22946

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-22946 are published in these products:

Canonical Ubuntu Linux
 
Haxx Curl
 
Debian Linux
 
Fedora Project Fedora
 
NetApp Clustered Data Ontap
 
Oracle MySQL
 
NetApp Cloud Backup
 
NetApp Oncommand Insight
 
NetApp Oncommand Workflow Automation
 
NetApp Snapcenter
 
Oracle Peoplesoft Enterprise Peopletools
 
Oracle Communications Cloud Native Core Network Slice Selection Function
 
Oracle Communications Cloud Native Core Network Repository Function
 
Oracle Communications Cloud Native Core Network Function Cloud Native Environment
 
Oracle Communications Cloud Native Core Service Communication Proxy
 
Oracle Communications Cloud Native Core Binding Support Function
 
Apple macOS
 
Siemens Sinec Infrastructure Network Services
 
Oracle Commerce Guided Search
 
Oracle Communications Cloud Native Core Security Edge Protection Proxy
 
Oracle Communications Cloud Native Core Console
 
Splunk Universal Forwarder
 

Exploit Probability

EPSS
0.06%
Percentile
19.39%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.