A flaw was found in curl. The flaw lies in how curl handles cached or pipelined responses that it receives from either a IMAP, POP3, SMTP or FTP server before the TLS upgrade using STARTTLS. In such a scenario curl even after upgrading to TLS would trust these cached responses treating them as valid and authenticated and use them. An attacker could potentially use this flaw to carry out a Man-In-The-Middle attack. The highest threat from this vulnerability is to data confidentiality.
Platform | Package | Release Date | Advisory |
---|---|---|---|
Amazon Linux 1 | curl | 2021-11-10 22:13 | ALAS-2021-1549 |
Amazon Linux 2 - Core | curl | 2021-12-08 02:22 | ALAS2-2021-1724 |
Score Type | Score | Vector | |
---|---|---|---|
Amazon Linux | CVSSv3 | 6.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N |
NVD | CVSSv3 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
NVD | CVSSv2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:P/A:N |