
CVE-2021-3601

Published: 15 Jun 2021
Source: redhat
CVSS3: 3.3

Description

A flaw was found in the way OpenSSL accepts a certificate with Basic Constraints explicitly set to CA:FALSE as a valid CA if it is present in the trusted bundle. An attacker with access to the private key of a certificate that is in the trust bundle can use this flaw to MITM any connection from the victim machine.

Report

It was found that OpenSSL will accept a certificate with Basic Constraints explicitly set to CA:FALSE as a valid CA if it is present in the trusted bundle. The exploitability of this bug is limited: the attacker needs access to the private key of a certificate that is in the trust bundle. The attacker can then use this certificate to MITM any connection from the victim machine, not just connections to the specific server that uses the self-signed certificate.

Mitigation

Red Hat recommends not including self-signed server certificates in the system trust bundle, even with CA:FALSE, as they are considered full-fledged Certificate Authorities.
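
One way to act on this recommendation, as an added example that is not Red Hat's or OpenSSL's code: a standard-library Python audit that lists the entries of a PEM trust bundle whose Basic Constraints extension says CA:FALSE. The helper names and the sample bundle (unsigned DER skeletons built inline) are constructed for illustration.

```python
import base64
import re

BASIC_CONSTRAINTS = bytes.fromhex("551d13")  # OID 2.5.29.19

def tlv(buf, off=0):
    """Read one DER element at off; return (tag, value, next offset)."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    return tag, buf[off:off + length], off + length

def children(buf):
    """Split the body of a constructed element into (tag, value) pairs."""
    off, out = 0, []
    while off < len(buf):
        tag, val, off = tlv(buf, off)
        out.append((tag, val))
    return out

def basic_constraints_ca(der_cert):
    """True/False for the cA flag, None when the extension is absent."""
    tbs = children(tlv(der_cert)[1])[0][1]
    for val in (v for t, v in children(tbs) if t == 0xA3):  # [3] extensions
        for _, ext in children(children(val)[0][1]):
            parts = children(ext)  # OID, optional critical flag, OCTET STRING
            if parts[0][1] == BASIC_CONSTRAINTS:
                seq = children(children(parts[-1][1])[0][1])
                return bool(seq) and seq[0][0] == 0x01 and seq[0][1] != b"\x00"
    return None

def audit_bundle(pem_text):
    """Indexes of bundle entries that carry an explicit CA:FALSE."""
    blocks = re.findall(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", pem_text, re.S)
    return [i for i, b in enumerate(blocks) if basic_constraints_ca(base64.b64decode(b)) is False]

# Constructed sample: unsigned DER skeletons, not real certificates.
def der(tag, body=b""):
    return bytes([tag, len(body)]) + body

def skeleton(bc_body):
    ext = der(0x30, der(0x06, BASIC_CONSTRAINTS) + der(0x04, der(0x30, bc_body)))
    tbs = der(0x30, der(0x02, b"\x01") + der(0x30) * 5 + der(0xA3, der(0x30, ext)))
    return "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % base64.b64encode(
        der(0x30, tbs + der(0x30) + der(0x03, b"\x00"))).decode()

SAMPLE_BUNDLE = skeleton(b"\x01\x01\xff") + skeleton(b"")  # CA:TRUE, then CA:FALSE
print(audit_bundle(SAMPLE_BUNDLE))
```

Pass the text of a PEM bundle to `audit_bundle`; entries that lack the extension altogether return `None` from `basic_constraints_ca` and are not reported.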

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | openssl | Out of support scope | | |
| Red Hat Enterprise Linux 7 | openssl | Out of support scope | | |
| Red Hat Enterprise Linux 8 | openssl | Not affected | | |
| Red Hat Enterprise Linux 9 | openssl | Not affected | | |

Additional information

Status: Low
Defect: CWE-295
https://bugzilla.redhat.com/show_bug.cgi?id=1970201 openssl: Certificate with CA:FALSE is accepted as valid CA cert

Related vulnerabilities

ubuntu
more than 3 years ago

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. OpenSSL does not class this issue as a security vulnerability. The trusted CA store should not contain anything that the user does not trust to issue other certificates. Notes: https://github.com/openssl/openssl/issues/5236#issuecomment-119646061

nvd
more than 3 years ago

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. OpenSSL does not class this issue as a security vulnerability. The trusted CA store should not contain anything that the user does not trust to issue other certificates. Notes: https://github.com/openssl/openssl/issues/5236#issuecomment-119646061