CVE-2024-0853
OCSP verification bypass with TLS session reuse
Severity Score
5.3
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to
the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check.
curl inadvertidamente mantuvo el ID de sesión SSL para las conexiones en su caché incluso cuando falló la prueba de verificación del estado (*OCSP stapling*). Una transferencia posterior al mismo nombre de host podría tener éxito si la caché de ID de sesión aún estuviera actualizada, lo que luego omitiría la verificación de estado de verificación.
*Credits:
Hiroki Kurosawa, Daniel Stenberg
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-01-24 CVE Reserved
- 2024-02-03 CVE Published
- 2024-05-04 EPSS Updated
- 2024-08-01 CVE Updated
- 2024-08-01 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20240307-0004 |
|
|
| https://security.netapp.com/advisory/ntap-20240426-0009 |
|
|
| https://security.netapp.com/advisory/ntap-20240503-0012 |
|
| URL | Date | SRC |
|---|---|---|
| https://hackerone.com/reports/2298922 | 2024-08-01 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://curl.se/docs/CVE-2024-0853.html | 2024-05-03 | |
| https://curl.se/docs/CVE-2024-0853.json | 2024-05-03 |