Main Vulnerability Database Vulnerabilities #VU85927

#VU85927 Improper check for certificate revocation in cURL - CVE-2024-0853

Published: January 31, 2024

Vulnerability identifier: #VU85927

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-0853

CWE-ID: CWE-299

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
cURL

Software vendor:
curl.haxx.se

Description

The vulnerability allows a remote attacker to bypass OCSP verification.

The vulnerability exists due to curl inadvertently keeps the SSL session ID for connections in its cache even when the verify status (OCSP stapling) test has failed. A subsequent transfer to the same hostname will be successful if the session ID cache is still fresh, which leads to skipping the verify status check. As a result, OCSP verification is always successful for all subsequent TLS sessions.

Remediation

Install updates from vendor's website.

External links

https://curl.haxx.se/docs/CVE-2024-0853.html

#VU85927 Improper check for certificate revocation in cURL - CVE-2024-0853

Description

Remediation

External links

Please verify you're human