Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-27538

Good to know:

icon

Date: March 30, 2023

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.

Language: C

Severity Score

Related Resources (12)

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
https://seclists.org/oss-sec/2023/q1/179
https://curl.se/docs/CVE-2023-27538.html
https://github.com/curl/curl/commit/af369db4d3833272b8ed
https://security-tracker.debian.org/tracker/CVE-2023-27538
https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
https://nvd.nist.gov/vuln/detail/CVE-2023-27538
https://security.netapp.com/advisory/ntap-20230420-0010/
https://access.redhat.com/security/cve/CVE-2023-27538
https://security.gentoo.org/glsa/202310-12
https://hackerone.com/reports/1898475
https://www.mend.io/vulnerability-database/CVE-2023-27538

Severity Score

Weakness Type (CWE)

Authentication Issues

CWE-287

Authentication Bypass by Primary Weakness

CWE-305

Top Fix

icon

Upgrade Version

Upgrade to version curl-8_0_0

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us