CVE-2017-7468
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established by the previous certificate (or no certificate). libcurl supports by default the use of TLS session id/ticket to resume previous TLS sessions to speed up subsequent TLS handshakes. They are used when for any reason an existing TLS connection couldn't be kept alive to make the next handshake faster. This flaw is a regression and identical to CVE-2016-5419 reported on August 3rd 2016, but affecting a different version range.
En curl y libcurl 7.52.0 hasta e incluyendo la versión 7.53.1, libcurl intenta retomar una sesión TLS aunque el certificado del cliente haya cambiado. Esto es inaceptable, ya que un servidor por sus especificaciones puede saltarse la comprobación de certificado de cliente al retomar su operativa para emplear en su lugar la identidad antigua que fue establecida por el anterior certificado (o no certificado). Por defecto, libcurl soporta el uso de un ID/ticket TLS para retomar sesiones TLS anteriores para acelerar los handshakes TLS subsecuentes. Se emplean cuando, por algún motivo, una conexión TLS no pudo mantenerse activa para hacer que el siguiente handshake fuese más rápido. Este error es una regresión y es idéntico a CVE-2016-5419, reportado el 3 de agosto de 2016, pero afectando a un rango de versiones diferente.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-04-05 CVE Reserved
- 2017-04-21 CVE Published
- 2024-01-16 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/97962 | Third Party Advisory | |
http://www.securitytracker.com/id/1038341 | Third Party Advisory | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7468 | Issue Tracking |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://curl.haxx.se/docs/adv_20170419.html | 2019-10-09 | |
https://security.gentoo.org/glsa/201709-14 | 2019-10-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Haxx Search vendor "Haxx" | Libcurl Search vendor "Haxx" for product "Libcurl" | >= 7.52.0 <= 7.53.1 Search vendor "Haxx" for product "Libcurl" and version " >= 7.52.0 <= 7.53.1" | - |
Affected
|