CVE-2021-22924

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate.

CVSS v3 3.7 LOW
CVSS v2.0 4.3 MEDIUM

3.7^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf	Third Party Advisory
https://hackerone.com/reports/1223565	Exploit Issue Tracking Patch Third Party Advisory
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E	Mailing List Third Party Advisory
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E	Mailing List Third Party Advisory
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E	Mailing List Third Party Advisory
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20210902-0003/	Third Party Advisory
https://www.debian.org/security/2022/dsa-5197	Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	Patch Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf	Third Party Advisory
https://hackerone.com/reports/1223565	Exploit Issue Tracking Patch Third Party Advisory
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E	Mailing List Third Party Advisory
https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E	Mailing List Third Party Advisory
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E	Mailing List Third Party Advisory
https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cusers.kafka.apache.org%3E	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20210902-0003/	Third Party Advisory
https://www.debian.org/security/2022/dsa-5197	Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*
	cpe:2.3:o:debian:debian_linux:11.0:::::::*

Configuration 4 (hide)

OR	cpe:2.3:a:netapp:cloud_backup:-:::::::*
	cpe:2.3:a:netapp:clustered_data_ontap:-:::::::*
	cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:::::::*
	cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:::::::*

Configuration 5 (hide)

OR	cpe:2.3:a:oracle:mysql_server::::::::
	cpe:2.3:a:oracle:mysql_server::::::::
	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*
	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:::::::*

Configuration 6 (hide)

OR	cpe:2.3:a:siemens:sinec_infrastructure_network_services::::::::
	cpe:2.3:a:siemens:sinema_remote_connect_server::::::::

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:logo\!_cmr2040_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:logo\!_cmr2040:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:siemens:logo\!_cmr2020_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:logo\!_cmr2020:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:siemens:ruggedcomrm_1224_lte_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:ruggedcomrm_1224_lte:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:siemens:scalance_m812-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m812-1:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:siemens:scalance_m816-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m816-1:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:siemens:scalance_mum856-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_mum856-1:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:siemens:simatic_cp_1543-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1543-1:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:siemens:simatic_cp_1545-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_cp_1545-1:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:siemens:simatic_rtu3010c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rtu3010c:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:siemens:simatic_rtu3030c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rtu3030c:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND

cpe:2.3:o:siemens:simatic_rtu3031c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rtu3031c:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND

cpe:2.3:o:siemens:simatic_rtu_3041c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:simatic_rtu_3041c:-:*:*:*:*:*:*:*

Configuration 26 (hide)

cpe:2.3:a:siemens:sinema_remote_connect:*:*:*:*:*:*:*:*

Configuration 27 (hide)

AND

cpe:2.3:o:siemens:siplus_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:siplus_net_cp_1543-1:-:*:*:*:*:*:*:*

Configuration 28 (hide)

OR	cpe:2.3:a:splunk:universal_forwarder::::::::
	cpe:2.3:a:splunk:universal_forwarder::::::::
	cpe:2.3:a:splunk:universal_forwarder:9.1.0:::::::*

History

No history.

Information

Published : 2021-08-05 21:15

Updated : 2025-06-09 15:15

NVD link : CVE-2021-22924

Mitre link : CVE-2021-22924

CVE.ORG link : CVE-2021-22924

JSON object : View

Products Affected

siemens

scalance_m826-2
sinema_remote_connect_server
simatic_cp_1545-1_firmware
scalance_m874-3_firmware
scalance_s615_firmware
siplus_net_cp_1543-1_firmware
ruggedcomrm_1224_lte
scalance_m816-1
sinema_remote_connect
logo\!_cmr2020
scalance_m826-2_firmware
scalance_m874-2_firmware
scalance_m812-1
scalance_m874-3
simatic_rtu_3041c_firmware
scalance_m812-1_firmware
simatic_rtu3030c
simatic_rtu3031c
scalance_m876-3_firmware
scalance_m874-2
scalance_m876-4_firmware
scalance_m876-4
scalance_mum856-1_firmware
scalance_mum856-1
simatic_cp_1543-1
siplus_net_cp_1543-1
simatic_rtu3030c_firmware
simatic_rtu3010c_firmware
scalance_s615
logo\!_cmr2020_firmware
simatic_rtu_3041c
logo\!_cmr2040
ruggedcomrm_1224_lte_firmware
sinec_infrastructure_network_services
scalance_m804pb
logo\!_cmr2040_firmware
simatic_rtu3031c_firmware
scalance_m876-3
simatic_rtu3010c
scalance_m804pb_firmware
simatic_cp_1543-1_firmware
simatic_cp_1545-1
scalance_m816-1_firmware

splunk

universal_forwarder

haxx

libcurl

oracle

mysql_server
peoplesoft_enterprise_peopletools

debian

debian_linux

netapp

clustered_data_ontap
cloud_backup
solidfire_\&_hci_management_node
solidfire_baseboard_management_controller_firmware

fedoraproject

fedora

CWE

CWE-20

Improper Input Validation

CWE-706

Use of Incorrectly-Resolved Name or Reference

3.7 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

JSON object

Attach tags to CVE-2021-22924

3.7^/10

4.3^/10

Attach tags to `CVE-2021-22924`