#VU83899 Missing Encryption of Sensitive Data in cURL


Published: 2023-12-06

Vulnerability identifier: #VU83899

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-46219

CWE-ID: CWE-311

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
cURL
Client/Desktop applications / Other client software

Vendor: curl.haxx.se

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error when handling HSTS long file names. When saving HSTS data to an excessively long file name, curl can end up removing all contents from the file, making subsequent requests using that file unaware of the HSTS status they should otherwise use. As a result, a remote attacker can perform MitM attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

cURL: 7.84.0 - 8.4.0

External links
http://curl.haxx.se/docs/CVE-2023-46219.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Tenable Nessus Network Monitor update for third-party components
Multiple vulnerabilities in Red Hat JBoss Core Services for RHEL 7 and 8
Multiple vulnerabilities in Red Hat JBoss Core Services Apache HTTP Server 2.4
openEuler 22.03 LTS SP2 update for curl
openEuler 22.03 LTS SP1 update for curl
openEuler 22.03 LTS update for curl
openEuler 20.03 LTS SP3 update for curl
openEuler 20.03 LTS SP1 update for curl
Multiple vulnerabilities in IBM Automation Decision Services
Multiple vulnerabilities in IBM Cloud Pak for Network Automation