// For flags

CVE-2013-4545

 

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification (CURLOPT_SSL_VERIFYHOST) when the digital signature verification (CURLOPT_SSL_VERIFYPEER) is disabled, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

cURL y libcurl 7.18.0 hasta la versión 7.32.0, cuando es compilado con OpenSSL, desactiva la verificación del nombre de campos del certificado CN y SAN (CURLOPT_SSL_VERIFYHOST) cuando la verificación de firma digital (CURLOPT_SSL_VERIFYPEER) está desactivada, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a través de un certificado válido arbitrario.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-06-12 CVE Reserved
  • 2013-11-18 CVE Published
  • 2023-07-06 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-310: Cryptographic Issues
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.18.0
Search vendor "Haxx" for product "Curl" and version "7.18.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.18.1
Search vendor "Haxx" for product "Curl" and version "7.18.1"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.18.2
Search vendor "Haxx" for product "Curl" and version "7.18.2"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.19.0
Search vendor "Haxx" for product "Curl" and version "7.19.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.19.1
Search vendor "Haxx" for product "Curl" and version "7.19.1"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.19.2
Search vendor "Haxx" for product "Curl" and version "7.19.2"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.19.3
Search vendor "Haxx" for product "Curl" and version "7.19.3"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.19.4
Search vendor "Haxx" for product "Curl" and version "7.19.4"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.19.5
Search vendor "Haxx" for product "Curl" and version "7.19.5"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.19.6
Search vendor "Haxx" for product "Curl" and version "7.19.6"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.19.7
Search vendor "Haxx" for product "Curl" and version "7.19.7"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.20.0
Search vendor "Haxx" for product "Curl" and version "7.20.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.20.1
Search vendor "Haxx" for product "Curl" and version "7.20.1"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.21.0
Search vendor "Haxx" for product "Curl" and version "7.21.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.21.1
Search vendor "Haxx" for product "Curl" and version "7.21.1"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.21.2
Search vendor "Haxx" for product "Curl" and version "7.21.2"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.21.3
Search vendor "Haxx" for product "Curl" and version "7.21.3"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.21.4
Search vendor "Haxx" for product "Curl" and version "7.21.4"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.21.5
Search vendor "Haxx" for product "Curl" and version "7.21.5"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.21.6
Search vendor "Haxx" for product "Curl" and version "7.21.6"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.21.7
Search vendor "Haxx" for product "Curl" and version "7.21.7"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.22.0
Search vendor "Haxx" for product "Curl" and version "7.22.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.23.0
Search vendor "Haxx" for product "Curl" and version "7.23.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.23.1
Search vendor "Haxx" for product "Curl" and version "7.23.1"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.24.0
Search vendor "Haxx" for product "Curl" and version "7.24.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.25.0
Search vendor "Haxx" for product "Curl" and version "7.25.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.26.0
Search vendor "Haxx" for product "Curl" and version "7.26.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.27.0
Search vendor "Haxx" for product "Curl" and version "7.27.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.28.0
Search vendor "Haxx" for product "Curl" and version "7.28.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.28.1
Search vendor "Haxx" for product "Curl" and version "7.28.1"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.29.0
Search vendor "Haxx" for product "Curl" and version "7.29.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.30.0
Search vendor "Haxx" for product "Curl" and version "7.30.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.31.0
Search vendor "Haxx" for product "Curl" and version "7.31.0"
-
Affected
Haxx
Search vendor "Haxx"
Curl
Search vendor "Haxx" for product "Curl"
7.32.0
Search vendor "Haxx" for product "Curl" and version "7.32.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.18.0
Search vendor "Haxx" for product "Libcurl" and version "7.18.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.18.1
Search vendor "Haxx" for product "Libcurl" and version "7.18.1"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.18.2
Search vendor "Haxx" for product "Libcurl" and version "7.18.2"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.19.0
Search vendor "Haxx" for product "Libcurl" and version "7.19.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.19.1
Search vendor "Haxx" for product "Libcurl" and version "7.19.1"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.19.2
Search vendor "Haxx" for product "Libcurl" and version "7.19.2"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.19.3
Search vendor "Haxx" for product "Libcurl" and version "7.19.3"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.19.4
Search vendor "Haxx" for product "Libcurl" and version "7.19.4"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.19.5
Search vendor "Haxx" for product "Libcurl" and version "7.19.5"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.19.6
Search vendor "Haxx" for product "Libcurl" and version "7.19.6"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.19.7
Search vendor "Haxx" for product "Libcurl" and version "7.19.7"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.20.0
Search vendor "Haxx" for product "Libcurl" and version "7.20.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.20.1
Search vendor "Haxx" for product "Libcurl" and version "7.20.1"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.21.0
Search vendor "Haxx" for product "Libcurl" and version "7.21.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.21.1
Search vendor "Haxx" for product "Libcurl" and version "7.21.1"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.21.2
Search vendor "Haxx" for product "Libcurl" and version "7.21.2"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.21.3
Search vendor "Haxx" for product "Libcurl" and version "7.21.3"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.21.4
Search vendor "Haxx" for product "Libcurl" and version "7.21.4"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.21.5
Search vendor "Haxx" for product "Libcurl" and version "7.21.5"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.21.6
Search vendor "Haxx" for product "Libcurl" and version "7.21.6"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.21.7
Search vendor "Haxx" for product "Libcurl" and version "7.21.7"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.22.0
Search vendor "Haxx" for product "Libcurl" and version "7.22.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.23.0
Search vendor "Haxx" for product "Libcurl" and version "7.23.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.23.1
Search vendor "Haxx" for product "Libcurl" and version "7.23.1"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.24.0
Search vendor "Haxx" for product "Libcurl" and version "7.24.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.25.0
Search vendor "Haxx" for product "Libcurl" and version "7.25.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.26.0
Search vendor "Haxx" for product "Libcurl" and version "7.26.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.27.0
Search vendor "Haxx" for product "Libcurl" and version "7.27.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.28.0
Search vendor "Haxx" for product "Libcurl" and version "7.28.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.28.1
Search vendor "Haxx" for product "Libcurl" and version "7.28.1"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.29.0
Search vendor "Haxx" for product "Libcurl" and version "7.29.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.30.0
Search vendor "Haxx" for product "Libcurl" and version "7.30.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.31.0
Search vendor "Haxx" for product "Libcurl" and version "7.31.0"
-
Affected
Haxx
Search vendor "Haxx"
Libcurl
Search vendor "Haxx" for product "Libcurl"
7.32.0
Search vendor "Haxx" for product "Libcurl" and version "7.32.0"
-
Affected