#VU83900 Information disclosure in cURL


Published: 2023-12-06

Vulnerability identifier: #VU83900

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-46218

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
cURL
Client/Desktop applications / Other client software

Vendor: curl.haxx.se

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to an error in curl that allows a malicious HTTP server to set "super cookies" that are then passed back to more origins than what is otherwise allowed or possible. A remote attacker can force curl to send such cookie to different and unrelated sites and domains.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

cURL: 7.46.0 - 8.4.0

External links
http://curl.haxx.se/docs/CVE-2023-46218.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM MQ Operator and Queue manager container images
Multiple vulnerabilities in Red Hat Migration Toolkit for Containers (MTC) 1.7
Multiple vulnerabilities in Red Hat build of Cryostat 2 on RHEL 8
Tenable Nessus Network Monitor update for third-party components
Multiple vulnerabilities in Red Hat OpenShift GitOps 1.12
Multiple vulnerabilities in Red Hat OpenShift GitOps 1.10
Multiple vulnerabilities in Red Hat OpenShift GitOps
Multiple vulnerabilities in Dell Networking OS10
Multiple vulnerabilities in Red Hat OpenShift Service Mesh Containers 2.5
Multiple vulnerabilities in Red Hat Migration Toolkit for Containers (MTC) 1.8