CVE-2018-21029
Descriptions
** DISPUTED ** systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: the developer disputes this as not being a vulnerability, since hostname validation does not apply here (the resolver is configured by IP address, so there is no hostname to send or to check).

The practical consequence is the classic CWE-295 failure: the client verifies only that the presented chain ends in a trusted CA, so any certificate issued by any trusted CA for any name is accepted from whoever can intercept port 853 traffic to the configured resolver. Note that the upper bound in the description (245) does not match the affected-products table below, which stops at 243; the systemd pull request 13870 listed under Sources is the relevant upstream change.
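The difference between the two verification modes, as an added example that is not part of this page or of systemd's code. The Go TLS client below stands in for resolved's GnuTLS backend: with an empty expected name it checks the chain against the trusted CA but sends no SNI and verifies no hostname (the 239 to 243 behaviour the description refers to); with a name it sends SNI and requires the leaf to match, which is what the `DNS=ip#hostname` form that systemd 244 added provides. The CA, the resolver name `dns.example`, the attacker name `attacker.example` and the in-memory pipe are all constructed for the demo.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// issue returns a cert for name: a self-signed CA when parent is nil, else a server leaf signed by parent. Constructed test PKI, so errors panic.
func issue(name string, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: name},
		DNSNames:     []string{name},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	signer, signerKey := tmpl, key
	if parent == nil {
		tmpl.IsCA, tmpl.BasicConstraintsValid = true, true
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		signer, signerKey = parent, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

type Result struct {
	Accepted bool   // verification passed and the handshake completed
	SNISeen  string // server name the server received in the ClientHello; "" = no SNI sent
}
// dotHandshake runs one TLS handshake over an in-memory pipe with a client that trusts roots.
// expectedName "" models systemd 239-243 (chain checked, no hostname, no SNI); a name models DNS=ip#hostname on 244+.
func dotHandshake(srvCert *x509.Certificate, srvKey *ecdsa.PrivateKey, roots *x509.CertPool, expectedName string) Result {
	cli, srv := net.Pipe()
	defer cli.Close()
	defer srv.Close()
	sniSeen := make(chan string, 1)
	srvCfg := &tls.Config{
		SessionTicketsDisabled: true, // nothing to send after the handshake, so no blocked pipe writer
		GetCertificate: func(h *tls.ClientHelloInfo) (*tls.Certificate, error) {
			sniSeen <- h.ServerName
			return &tls.Certificate{Certificate: [][]byte{srvCert.Raw}, PrivateKey: srvKey}, nil
		},
	}
	go tls.Server(srv, srvCfg).Handshake() // server-side failures surface as client errors
	cliCfg := &tls.Config{
		ServerName:         expectedName, // empty => Go omits the SNI extension entirely
		InsecureSkipVerify: true,         // built-in checks off; VerifyConnection is the only check
		VerifyConnection: func(cs tls.ConnectionState) error {
			// Single-level chain here; real code would also add cs.PeerCertificates[1:] as Intermediates.
			_, err := cs.PeerCertificates[0].Verify(x509.VerifyOptions{Roots: roots, DNSName: expectedName})
			return err // DNSName "" => chain only: any name issued by any trusted CA passes
		},
	}
	r := Result{Accepted: tls.Client(cli, cliCfg).Handshake() == nil}
	r.SNISeen = <-sniSeen // the client cannot finish, or fail verification, before the server saw the ClientHello
	return r
}

// Demo builds a CA, a cert for the real resolver (dns.example) and one the attacker obtained
// from the same CA for a name they control (attacker.example), then runs three handshakes.
func Demo() (chainOnlyVsAttacker, hostnameVsAttacker, hostnameVsReal Result) {
	ca, caKey := issue("Example Root CA", nil, nil)
	realCert, realKey := issue("dns.example", ca, caKey)
	evilCert, evilKey := issue("attacker.example", ca, caKey)
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	chainOnlyVsAttacker = dotHandshake(evilCert, evilKey, roots, "")
	hostnameVsAttacker = dotHandshake(evilCert, evilKey, roots, "dns.example")
	hostnameVsReal = dotHandshake(realCert, realKey, roots, "dns.example")
	return
}
func main() {
	a, b, c := Demo()
	fmt.Printf("chain only/attacker: %+v\nhostname/attacker: %+v\nhostname/real: %+v\n", a, b, c)
}
```

Run with `go run .`: the chain-only client accepts the attacker's certificate and the server sees no SNI, the hostname-checking client rejects it and sends `dns.example`, and the same client still accepts the resolver's real certificate. For the affected releases there is no configuration that adds the missing check, since the server can only be given as an IP address; the mitigation is to upgrade to 244 or later and pin the name (for example `DNS=192.0.2.53#dns.example` in resolved.conf, an assumed deployment value). Keep in mind that `DNSOverTLS=opportunistic` performs no certificate validation at all, so only `DNSOverTLS=yes` benefits from the hostname check.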
Timeline
- 2019-10-30 CVE Reserved
- 2019-10-30 CVE Published
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- 2024-10-23 EPSS Updated
- Exploited in Wild: not recorded
- KEV Due Date: none
CWE
- CWE-295: Improper Certificate Validation
References

URL | Tag | Date added
---|---|---
https://blog.cloudflare.com/dns-encryption-explained | Third Party Advisory |
https://github.com/systemd/systemd/issues/9397 | Issue Tracking |
https://security.netapp.com/advisory/ntap-20191122-0002 | Third Party Advisory |
https://tools.ietf.org/html/rfc7858#section-4.1 | Third Party Advisory |
https://github.com/systemd/systemd/blob/v239/man/resolved.conf.xml#L199-L207 | Source (resolved.conf man page, v239) | 2024-08-05
https://github.com/systemd/systemd/blob/v243/man/resolved.conf.xml#L196-L207 | Source (resolved.conf man page, v243) | 2024-08-05
https://github.com/systemd/systemd/blob/v243/src/resolve/resolved-dnstls-gnutls.c#L62-L63 | Source (GnuTLS backend, v243) | 2024-05-17
https://github.com/systemd/systemd/pull/13870 | Source (upstream pull request) | 2024-05-17

The entries the original page counted as public exploits are links into the systemd source tree (man page text and the GnuTLS backend) plus the upstream pull request; none of the references is exploit code.
Affected Vendors, Products, and Versions

Vendor | Product | Version | Status
---|---|---|---
Systemd Project | Systemd | >= 239, < 244 | Affected
Fedoraproject | Fedora | 31 | Affected