#VU83899 Missing Encryption of Sensitive Data in cURL


Vulnerability identifier: #VU83899

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-46219

CWE-ID: CWE-311

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
cURL
Client/Desktop applications / Other client software

Vendor: curl.haxx.se

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to an error when handling HSTS long file names. When saving HSTS data to an excessively long file name, curl can end up removing all contents from the file, making subsequent requests using that file unaware of the HSTS status they should otherwise use. As a result, a remote attacker can perform MitM attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

cURL: 7.84.0 - 8.4.0

External links
http://curl.haxx.se/docs/CVE-2023-46219.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell PowerScale OneFS
Multiple vulnerabilities in Dell NetWorker And NetWorker Management Console
Multiple vulnerabilities in IBM Storage Protect for Virtual Environments: Data Protection for Microsoft Hyper-V
Multiple vulnerabilities in IBM Storage Protect Plus
Gentoo update for curl
Amazon Linux AMI update for curl
Multiple vulnerabilities in IBM Storage Copy Data Management
Multiple vulnerabilities in IBM Storage Protect Client
Multiple vulnerabilities in Dell ThinOS
Tenable Nessus Network Monitor update for third-party components