CVE-2021-22947
Description
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses, but instead continue using and trusting the responses it got *before* the TLS handshake as if they were authenticated. Using this flaw, a Man-In-The-Middle attacker can first inject the fake responses, then pass through the TLS traffic from the legitimate server and trick curl into sending data back to the user, which thinks the attacker's injected data comes from the TLS-protected server.
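The buffering flaw described above, modelled as an added C example (not curl's own code): a toy pingpong-style client whose read queue either survives the STARTTLS upgrade, as in the affected versions, or is discarded, as the fix requires. The names pp_conn, pp_recv, pp_next_line and run_starttls are hypothetical, and the server lines are constructed sample traffic.

```c
#include <stdbool.h>
#include <string.h>

/* Teaching model of an IMAP/POP3-style "pingpong" client (hypothetical names, not
 * libcurl's): bytes read from the socket but not yet consumed wait in `cache`. */
#define CACHE_MAX 256
struct pp_conn { char cache[CACHE_MAX]; size_t cache_len; };  /* NUL-terminated queue */
/* One socket read; the peer may pack several response lines into one segment. */
static void pp_recv(struct pp_conn *c, const char *data)
{
    size_t n = strlen(data);
    if (c->cache_len + n >= CACHE_MAX) n = CACHE_MAX - 1 - c->cache_len;
    memcpy(c->cache + c->cache_len, data, n);
    c->cache_len += n;
    c->cache[c->cache_len] = '\0';
}

/* Consume one CRLF-terminated line from the queue; false when none is complete. */
static bool pp_next_line(struct pp_conn *c, char *out, size_t outlen)
{
    char *eol = strstr(c->cache, "\r\n");
    if (!eol) return false;
    size_t len = (size_t)(eol - c->cache), copy = len < outlen - 1 ? len : outlen - 1;
    memcpy(out, c->cache, copy);
    out[copy] = '\0';
    memmove(c->cache, eol + 2, c->cache_len - len - 1);  /* shift the rest incl. NUL */
    c->cache_len -= len + 2;
    return true;
}
/* Vulnerable upgrade (curl 7.20.0-7.78.0 as described): the handshake completes but
 * the queue filled in plaintext survives and keeps being trusted. */
static void starttls_vulnerable(struct pp_conn *c) { (void)c; /* queue untouched */ }
/* Fixed upgrade: data queued before the handshake is unauthenticated, so drop it;
 * the next line consumed is then the first one received inside TLS. */
static void starttls_fixed(struct pp_conn *c) { c->cache_len = 0; c->cache[0] = '\0'; }
/* Runs the STARTTLS sequence with the given upgrade routine and returns the first
 * line the client treats as TLS-protected. All traffic is constructed sample data. */
static const char *run_starttls(void (*upgrade)(struct pp_conn *))
{
    static char line[128];
    struct pp_conn c = {0};
    /* plaintext phase: the STARTTLS reply arrives with a second line in the same read */
    pp_recv(&c, "A001 OK Begin TLS negotiation now\r\n* OK line queued before the handshake\r\n");
    if (!pp_next_line(&c, line, sizeof line) || strncmp(line, "A001 OK", 7) != 0)
        return NULL;                              /* STARTTLS refused */
    upgrade(&c);                                  /* TLS handshake happens here */
    pp_recv(&c, "A002 OK LOGIN completed\r\n");  /* first line from inside TLS */
    return pp_next_line(&c, line, sizeof line) ? line : NULL;
}
```

With the vulnerable upgrade the first "trusted" line is the one that arrived in plaintext; with the fixed upgrade it is the first line received inside TLS, which is the behaviour the 7.79.0 fix restores.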
Risk Information
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 20H2 for x86-based Systems (KB5009543) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 20H2 for x64-based Systems (KB5009543) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 21H1 for x64-based Systems (KB5009543) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 21H1 for x86-based Systems (KB5009543) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 21H2 for x86-based Systems (KB5009543) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 21H2 for x64-based Systems (KB5009543) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 1909 for x86-based Systems (KB5009545) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 1909 for x64-based Systems (KB5009545) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Microsoft server operating system version 21H2 for x64-based Systems (KB5009555) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows Server 2019 for x64-based Systems (KB5009557) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x64-based Systems (KB5009557) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 10 Version 1809 for x86-based Systems (KB5009557) | Windows |
| Virtual Machine IDE Drive Elevation of Privilege Vulnerability for Windows 11 for x64-based Systems (KB5009566) | Windows |
| Vulnerability CVE-2021-22946,CVE-2021-22947 are affected in Curl For Windows 7.78.0 | Windows |
| Vulnerabilities CVE-2021-22945,CVE-2021-22946,CVE-2021-22947 are affected in Curl For Windows 7.78.0 | Windows |
| Vulnerabilities CVE-2021-22947,CVE-2021-22946,CVE-2021-22945 are fixed in Curl For Windows 7.79.0 | Windows |
| Multiple Vulnerabilities are affected in IBM MQ 9.0 | Windows |
| Multiple Vulnerabilities are affected in IBM MQ 9.1 | Windows |
| Multiple Vulnerabilities are affected in IBM MQ 9.2 | Windows |
| Multiple vulnerabilities are fixed in Mac OS - Monterey 12.3 (Software Update) - AutoReboot | Mac |
| Multiple vulnerabilities are fixed in Mac OS - Monterey 12.3.1 (Software Update) - AutoReboot | Mac |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) curl_7.68.0-1ubuntu2.7_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) curl_7.68.0-1ubuntu2.7_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) curl_7.74.0-1ubuntu2.3_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) curl_7.74.0-1ubuntu2.3_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) curl_7.58.0-2ubuntu3.15_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) curl_7.58.0-2ubuntu3.15_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl4_7.68.0-1ubuntu2.7_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl4_7.68.0-1ubuntu2.7_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl4_7.74.0-1ubuntu2.3_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl4_7.74.0-1ubuntu2.3_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl4_7.58.0-2ubuntu3.15_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl4_7.58.0-2ubuntu3.15_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-nss_7.68.0-1ubuntu2.7_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-nss_7.68.0-1ubuntu2.7_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-nss_7.74.0-1ubuntu2.3_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-nss_7.74.0-1ubuntu2.3_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-nss_7.58.0-2ubuntu3.15_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-nss_7.58.0-2ubuntu3.15_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-gnutls_7.68.0-1ubuntu2.7_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-gnutls_7.68.0-1ubuntu2.7_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-gnutls_7.74.0-1ubuntu2.3_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-gnutls_7.74.0-1ubuntu2.3_amd64.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-gnutls_7.58.0-2ubuntu3.15_i386.deb | Linux |
| HTTP, HTTPS, and FTP client and client libraries (USN-5079-1) libcurl3-gnutls_7.58.0-2ubuntu3.15_amd64.deb | Linux |
| (RHSA-2021:4059) curl security update curl-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| (RHSA-2021:4059) curl security update curl-debugsource-7.61.1-18.el8_4.2.i686.rpm | Linux |
| (RHSA-2021:4059) curl security update curl-debugsource-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| (RHSA-2021:4059) curl security update libcurl-7.61.1-18.el8_4.2.i686.rpm | Linux |
| (RHSA-2021:4059) curl security update libcurl-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| (RHSA-2021:4059) curl security update libcurl-devel-7.61.1-18.el8_4.2.i686.rpm | Linux |
| (RHSA-2021:4059) curl security update libcurl-devel-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| (RHSA-2021:4059) curl security update libcurl-minimal-7.61.1-18.el8_4.2.i686.rpm | Linux |
| (RHSA-2021:4059) curl security update libcurl-minimal-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| Curl update (ELSA-2021-4059) curl-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| Libcurl update (ELSA-2021-4059) libcurl-7.61.1-18.el8_4.2.i686.rpm | Linux |
| Libcurl update (ELSA-2021-4059) libcurl-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| Libcurl-devel update (ELSA-2021-4059) libcurl-devel-7.61.1-18.el8_4.2.i686.rpm | Linux |
| Libcurl-devel update (ELSA-2021-4059) libcurl-devel-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| Libcurl-minimal update (ELSA-2021-4059) libcurl-minimal-7.61.1-18.el8_4.2.i686.rpm | Linux |
| Libcurl-minimal update (ELSA-2021-4059) libcurl-minimal-7.61.1-18.el8_4.2.x86_64.rpm | Linux |
| SUSE-SU-2021:3332-1(SUSE Linux Enterprise Server 12-SP5 ) curl-7.60.0-11.28.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3332-1(SUSE Linux Enterprise Server 12-SP5 ) curl-debuginfo-7.60.0-11.28.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3332-1(SUSE Linux Enterprise Server 12-SP5 ) curl-debugsource-7.60.0-11.28.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3332-1(SUSE Linux Enterprise Server 12-SP5 ) libcurl4-7.60.0-11.28.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3332-1(SUSE Linux Enterprise Server 12-SP5 ) libcurl4-32bit-7.60.0-11.28.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3332-1(SUSE Linux Enterprise Server 12-SP5 ) libcurl4-debuginfo-7.60.0-11.28.1.x86_64.rpm | Linux |
| SUSE-SU-2021:3332-1(SUSE Linux Enterprise Server 12-SP5 ) libcurl4-debuginfo-32bit-7.60.0-11.28.1.x86_64.rpm | Linux |
| curl security update(DSA-5197-1) curl_7.74.0-1.3+deb11u2_amd64.deb | Linux |
| Insufficient Verification of Data Authenticity Vulnerability (CVE-2021-22947) | NCM |
Patch Details
| Patch ID | Patch Description |
|---|---|
| PATCH-32769 | 2022-01 Cumulative Update for Windows 10 Version 20H2 for x86-based Systems (KB5009543) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32770 | 2022-01 Cumulative Update for Windows 10 Version 20H2 for x64-based Systems (KB5009543) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32772 | 2022-01 Cumulative Update for Windows 10 Version 21H1 for x64-based Systems (KB5009543) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32773 | 2022-01 Cumulative Update for Windows 10 Version 21H1 for x86-based Systems (KB5009543) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32774 | 2022-01 Cumulative Update for Windows 10 Version 21H2 for x86-based Systems (KB5009543) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32775 | 2022-01 Cumulative Update for Windows 10 Version 21H2 for x64-based Systems (KB5009543) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32780 | 2022-01 Cumulative Update for Windows 10 Version 1909 for x86-based Systems (KB5009545) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32781 | 2022-01 Cumulative Update for Windows 10 Version 1909 for x64-based Systems (KB5009545) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32776 | 2022-01 Cumulative Update for Microsoft server operating system version 21H2 for x64-based Systems (KB5009555) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-32777 | 2022-01 Cumulative Update for Windows Server 2019 for x64-based Systems (KB5009557) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21839) (CVE-2022-21874) |
| PATCH-32778 | 2022-01 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5009557) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21839) (CVE-2022-21874) |
| PATCH-32779 | 2022-01 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5009557) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21839) (CVE-2022-21874) |
| PATCH-32787 | 2022-01 Cumulative Update for Windows 11 for x64-based Systems (KB5009566) (CVE-2021-22947) (CVE-2021-22947) (CVE-2022-21919) (CVE-2022-21836) (CVE-2022-21874) |
| PATCH-608134 | Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234