CWE-295
Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.
CVE-2021-22511 (GCVE-0-2021-22511)
Vulnerability from cvelistv5 – Published: 2021-04-08 21:27 – Updated: 2024-08-03 18:44
VLAI
Summary
Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow unconditionally disabling of SSL/TLS certificates.
Severity
No CVSS data available.
CWE
- CWE-295 - Improper Certificate Validation.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.jenkins.io/security/advisory/2021-04-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Micro Focus Application Automation Tools Plugin - Jenkins plugin. |
Affected:
6.7 and earlier versions.
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:13.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2176"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Micro Focus Application Automation Tools Plugin - Jenkins plugin.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.7 and earlier versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow unconditionally disabling of SSL/TLS certificates."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation.",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-08T21:27:24.000Z",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2176"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"ID": "CVE-2021-22511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Micro Focus Application Automation Tools Plugin - Jenkins plugin.",
"version": {
"version_data": [
{
"version_value": "6.7 and earlier versions."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow unconditionally disabling of SSL/TLS certificates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2176",
"refsource": "MISC",
"url": "https://www.jenkins.io/security/advisory/2021-04-07/#SECURITY-2176"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2021-22511",
"datePublished": "2021-04-08T21:27:24.000Z",
"dateReserved": "2021-01-05T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:44:13.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22895 (GCVE-0-2021-22895)
Vulnerability from cvelistv5 – Published: 2021-06-11 15:49 – Updated: 2024-08-03 18:58
VLAI
Summary
Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the "Register with a Provider" flow.
Severity
No CVSS data available.
CWE
- CWE-295 - Improper Certificate Validation (CWE-295)
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://hackerone.com/reports/903424 | x_refsource_MISC |
| https://github.com/nextcloud/desktop/pull/2926 | x_refsource_MISC |
| https://github.com/nextcloud/desktop/releases/tag… | x_refsource_MISC |
| https://github.com/nextcloud/security-advisories/… | x_refsource_MISC |
| https://www.debian.org/security/2021/dsa-4974 | vendor-advisoryx_refsource_DEBIAN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Nextcloud Desktop Client |
Affected:
Fixed in 3.3.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:25.644Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://hackerone.com/reports/903424"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/desktop/pull/2926"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/desktop/releases/tag/v3.1.3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qpgp-vf4p-wcw5"
},
{
"name": "DSA-4974",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4974"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Nextcloud Desktop Client",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 3.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the \"Register with a Provider\" flow."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Improper Certificate Validation (CWE-295)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-19T23:06:09.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://hackerone.com/reports/903424"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/desktop/pull/2926"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/desktop/releases/tag/v3.1.3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qpgp-vf4p-wcw5"
},
{
"name": "DSA-4974",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4974"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-22895",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Nextcloud Desktop Client",
"version": {
"version_data": [
{
"version_value": "Fixed in 3.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certificate validation due to lack of SSL certificate verification when using the \"Register with a Provider\" flow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Certificate Validation (CWE-295)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hackerone.com/reports/903424",
"refsource": "MISC",
"url": "https://hackerone.com/reports/903424"
},
{
"name": "https://github.com/nextcloud/desktop/pull/2926",
"refsource": "MISC",
"url": "https://github.com/nextcloud/desktop/pull/2926"
},
{
"name": "https://github.com/nextcloud/desktop/releases/tag/v3.1.3",
"refsource": "MISC",
"url": "https://github.com/nextcloud/desktop/releases/tag/v3.1.3"
},
{
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qpgp-vf4p-wcw5",
"refsource": "MISC",
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qpgp-vf4p-wcw5"
},
{
"name": "DSA-4974",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4974"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22895",
"datePublished": "2021-06-11T15:49:38.000Z",
"dateReserved": "2021-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-03T18:58:25.644Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22939 (GCVE-0-2021-22939)
Vulnerability from cvelistv5 – Published: 2021-08-16 00:00 – Updated: 2025-04-30 22:24
VLAI
Summary
If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted.
Severity
No CVSS data available.
CWE
- CWE-295 - Improper Certificate Validation (CWE-295)
Assigner
References
9 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NodeJS | Node |
Affected:
4.0 , < 4.*
(semver)
Affected: 5.0 , < 5.* (semver) Affected: 6.0 , < 6.* (semver) Affected: 7.0 , < 7.* (semver) Affected: 8.0 , < 8.* (semver) Affected: 9.0 , < 9.* (semver) Affected: 10.0 , < 10.* (semver) Affected: 11.0 , < 11.* (semver) Affected: 12.0 , < 12.22.5 (semver) Affected: 13.0 , < 13.* (semver) Affected: 14.0 , < 14.17.5 (semver) Affected: 15.0 , < 15.* (semver) Affected: 16.0 , < 16.6.2 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:58:26.311Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/"
},
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1278254"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20210917-0003/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "[debian-lts-announce] 20221005 [SECURITY] [DLA 3137-1] nodejs security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00006.html"
},
{
"name": "GLSA-202401-02",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202401-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Node",
"vendor": "NodeJS",
"versions": [
{
"lessThan": "4.*",
"status": "affected",
"version": "4.0",
"versionType": "semver"
},
{
"lessThan": "5.*",
"status": "affected",
"version": "5.0",
"versionType": "semver"
},
{
"lessThan": "6.*",
"status": "affected",
"version": "6.0",
"versionType": "semver"
},
{
"lessThan": "7.*",
"status": "affected",
"version": "7.0",
"versionType": "semver"
},
{
"lessThan": "8.*",
"status": "affected",
"version": "8.0",
"versionType": "semver"
},
{
"lessThan": "9.*",
"status": "affected",
"version": "9.0",
"versionType": "semver"
},
{
"lessThan": "10.*",
"status": "affected",
"version": "10.0",
"versionType": "semver"
},
{
"lessThan": "11.*",
"status": "affected",
"version": "11.0",
"versionType": "semver"
},
{
"lessThan": "12.22.5",
"status": "affected",
"version": "12.0",
"versionType": "semver"
},
{
"lessThan": "13.*",
"status": "affected",
"version": "13.0",
"versionType": "semver"
},
{
"lessThan": "14.17.5",
"status": "affected",
"version": "14.0",
"versionType": "semver"
},
{
"lessThan": "15.*",
"status": "affected",
"version": "15.0",
"versionType": "semver"
},
{
"lessThan": "16.6.2",
"status": "affected",
"version": "16.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "If the Node.js https API was used incorrectly and \"undefined\" was in passed for the \"rejectUnauthorized\" parameter, no error was returned and connections to servers with an expired certificate would have been accepted."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "Improper Certificate Validation (CWE-295)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T22:24:36.404Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/"
},
{
"url": "https://hackerone.com/reports/1278254"
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210917-0003/"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"name": "[debian-lts-announce] 20221005 [SECURITY] [DLA 3137-1] nodejs security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00006.html"
},
{
"name": "GLSA-202401-02",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202401-02"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-22939",
"datePublished": "2021-08-16T00:00:00.000Z",
"dateReserved": "2021-01-06T00:00:00.000Z",
"dateUpdated": "2025-04-30T22:24:36.404Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-23167 (GCVE-0-2021-23167)
Vulnerability from cvelistv5 – Published: 2021-11-18 18:00 – Updated: 2024-09-17 02:05
VLAI
Summary
Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3); 8.40 versions prior to 8.40.2063 (MR4); 8.30 versions prior to 8.30.1454 (MR4) ; version 8.20 and prior versions.
Severity
8.1 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.gallagher.com/Security-Advisorie… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Gallagher | Command Centre |
Affected:
unspecified , ≤ 8.20
(custom)
Affected: 8.50 , < 8.50.2048 (MR3) (custom) Affected: 8.40 , < 8.40.2063 (MR4) (custom) Affected: 8.30 , < 8.30.1454 (MR4) (custom) |
Date Public
2021-11-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:05:55.755Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23167"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Command Centre",
"vendor": "Gallagher",
"versions": [
{
"lessThanOrEqual": "8.20",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "8.50.2048 (MR3)",
"status": "affected",
"version": "8.50",
"versionType": "custom"
},
{
"lessThan": "8.40.2063 (MR4)",
"status": "affected",
"version": "8.40",
"versionType": "custom"
},
{
"lessThan": "8.30.1454 (MR4)",
"status": "affected",
"version": "8.30",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3); 8.40 versions prior to 8.40.2063 (MR4); 8.30 versions prior to 8.30.1454 (MR4) ; version 8.20 and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-18T18:00:40.000Z",
"orgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"shortName": "Gallagher"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23167"
}
],
"source": {
"discovery": "INTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "disclosures@gallagher.com",
"DATE_PUBLIC": "2021-11-15T07:34:00.000Z",
"ID": "CVE-2021-23167",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Command Centre",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.50",
"version_value": "8.50.2048 (MR3)"
},
{
"version_affected": "\u003c",
"version_name": "8.40",
"version_value": "8.40.2063 (MR4)"
},
{
"version_affected": "\u003c",
"version_name": "8.30",
"version_value": "8.30.1454 (MR4)"
},
{
"version_affected": "\u003c=",
"version_value": "8.20"
}
]
}
}
]
},
"vendor_name": "Gallagher"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper certificate validation vulnerability in SMTP Client allows man-in-the-middle attack to retrieve sensitive information from the Command Centre Server. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3); 8.40 versions prior to 8.40.2063 (MR4); 8.30 versions prior to 8.30.1454 (MR4) ; version 8.20 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.gallagher.com/Security-Advisories/CVE-2021-23167",
"refsource": "MISC",
"url": "https://security.gallagher.com/Security-Advisories/CVE-2021-23167"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "0c426f27-3ee1-4eff-be88-288d5a1822bc",
"assignerShortName": "Gallagher",
"cveId": "CVE-2021-23167",
"datePublished": "2021-11-18T18:00:40.281Z",
"dateReserved": "2021-01-26T00:00:00.000Z",
"dateUpdated": "2024-09-17T02:05:57.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25633 (GCVE-0-2021-25633)
Vulnerability from cvelistv5 – Published: 2021-10-11 16:43 – Updated: 2024-09-16 18:28
VLAI
Title
Content Manipulation with Double Certificate Attack
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
Severity
No CVSS data available.
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.libreoffice.org/about-us/security/adv… | x_refsource_MISC |
| https://www.debian.org/security/2021/dsa-4988 | vendor-advisoryx_refsource_DEBIAN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Document Foundation | LibreOffice |
Affected:
7-0 , < 7.0.6
(custom)
Affected: 7-1 , < 7.1.2 (custom) |
Date Public
2021-10-11 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:27.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"name": "DSA-4988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LibreOffice",
"vendor": "The Document Foundation",
"versions": [
{
"lessThan": "7.0.6",
"status": "affected",
"version": "7-0",
"versionType": "custom"
},
{
"lessThan": "7.1.2",
"status": "affected",
"version": "7-1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "NDS of Ruhr University Bochum"
}
],
"datePublic": "2021-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-17T10:06:21.000Z",
"orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
"shortName": "Document Fdn."
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"name": "DSA-4988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to 7.0.6 or 7.1.2 or 7.2.0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Content Manipulation with Double Certificate Attack",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@documentfoundation.org",
"DATE_PUBLIC": "2021-10-11T00:00:00.000Z",
"ID": "CVE-2021-25633",
"STATE": "PUBLIC",
"TITLE": "Content Manipulation with Double Certificate Attack"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LibreOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7-0",
"version_value": "7.0.6"
},
{
"version_affected": "\u003c",
"version_name": "7-1",
"version_value": "7.1.2"
}
]
}
}
]
},
"vendor_name": "The Document Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "NDS of Ruhr University Bochum"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633",
"refsource": "MISC",
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633"
},
{
"name": "DSA-4988",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4988"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to 7.0.6 or 7.1.2 or 7.2.0"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
"assignerShortName": "Document Fdn.",
"cveId": "CVE-2021-25633",
"datePublished": "2021-10-11T16:43:34.400Z",
"dateReserved": "2021-01-19T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:28:34.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25634 (GCVE-0-2021-25634)
Vulnerability from cvelistv5 – Published: 2021-10-12 13:33 – Updated: 2024-09-17 00:46
VLAI
Title
Timestamp Manipulation with Signature Wrapping
Summary
LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.
Severity
No CVSS data available.
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.libreoffice.org/about-us/security/adv… | x_refsource_MISC |
| https://www.debian.org/security/2021/dsa-4988 | vendor-advisoryx_refsource_DEBIAN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Document Foundation | LibreOffice |
Affected:
7-0 , < 7.0.6
(custom)
Affected: 7-1 , < 7.1.2 (custom) |
Date Public
2021-10-11 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:11:27.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634"
},
{
"name": "DSA-4988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LibreOffice",
"vendor": "The Document Foundation",
"versions": [
{
"lessThan": "7.0.6",
"status": "affected",
"version": "7-0",
"versionType": "custom"
},
{
"lessThan": "7.1.2",
"status": "affected",
"version": "7-1",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "NDS of Ruhr University Bochum"
}
],
"datePublic": "2021-10-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-17T10:06:24.000Z",
"orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
"shortName": "Document Fdn."
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634"
},
{
"name": "DSA-4988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4988"
}
],
"solutions": [
{
"lang": "en",
"value": "Update to 7.0.6 or 7.1.2 or 7.2.0"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Timestamp Manipulation with Signature Wrapping",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@documentfoundation.org",
"DATE_PUBLIC": "2021-10-11T00:00:00.000Z",
"ID": "CVE-2021-25634",
"STATE": "PUBLIC",
"TITLE": "Timestamp Manipulation with Signature Wrapping"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "LibreOffice",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "7-0",
"version_value": "7.0.6"
},
{
"version_affected": "\u003c",
"version_name": "7-1",
"version_value": "7.1.2"
}
]
}
}
]
},
"vendor_name": "The Document Foundation"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "NDS of Ruhr University Bochum"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to modify a digitally signed ODF document to insert an additional signing time timestamp which LibreOffice would incorrectly present as a valid signature signed at the bogus signing time. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634",
"refsource": "MISC",
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634"
},
{
"name": "DSA-4988",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4988"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update to 7.0.6 or 7.1.2 or 7.2.0"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
"assignerShortName": "Document Fdn.",
"cveId": "CVE-2021-25634",
"datePublished": "2021-10-12T13:33:54.266Z",
"dateReserved": "2021-01-19T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:46:33.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-25635 (GCVE-0-2021-25635)
Vulnerability from cvelistv5 – Published: 2025-03-21 14:52 – Updated: 2025-03-21 15:13
VLAI
Title
Content Manipulation with Certificate Validation Attack
Summary
An Improper Certificate Validation vulnerability in LibreOffice allowed
an attacker to self sign an ODF document, with a signature untrusted by
the target, then modify it to change the signature algorithm to an
invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a
valid signature issued by a trusted person
This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.
Severity
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The Document Foundation | LibreOffice |
Affected:
7.0 , < 7.0.5
(7.0 series)
Affected: 7.1 , < 7.1.1 (7.1 series) |
Date Public
2021-10-11 14:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-25635",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-21T15:13:07.905943Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T15:13:24.100Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "LibreOffice",
"vendor": "The Document Foundation",
"versions": [
{
"lessThan": "7.0.5",
"status": "affected",
"version": "7.0",
"versionType": "7.0 series"
},
{
"lessThan": "7.1.1",
"status": "affected",
"version": "7.1",
"versionType": "7.1 series"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "NDS of Ruhr University Bochum"
}
],
"datePublic": "2021-10-11T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eAn Improper Certificate Validation vulnerability in LibreOffice allowed \nan attacker to self sign an ODF document, with a signature untrusted by \nthe target, then modify it to change the signature algorithm to an \ninvalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a \nvalid signature issued by a trusted person\u003cbr\u003e\u003c/div\u003e\u003cp\u003eThis issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.\u003c/p\u003e"
}
],
"value": "An Improper Certificate Validation vulnerability in LibreOffice allowed \nan attacker to self sign an ODF document, with a signature untrusted by \nthe target, then modify it to change the signature algorithm to an \ninvalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a \nvalid signature issued by a trusted person\n\n\nThis issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1."
}
],
"impacts": [
{
"capecId": "CAPEC-475",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-475 Signature Spoofing by Improper Validation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-21T14:52:50.484Z",
"orgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
"shortName": "Document Fdn."
},
"references": [
{
"url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25635/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Content Manipulation with Certificate Validation Attack",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4fe7d05b-1353-44cc-8b7a-1e416936dff2",
"assignerShortName": "Document Fdn.",
"cveId": "CVE-2021-25635",
"datePublished": "2025-03-21T14:52:50.484Z",
"dateReserved": "2021-01-19T22:48:43.994Z",
"dateUpdated": "2025-03-21T15:13:24.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-26320 (GCVE-0-2021-26320)
Vulnerability from cvelistv5 – Published: 2021-11-16 18:05 – Updated: 2024-09-16 18:34
VLAI
Summary
Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP
Severity
No CVSS data available.
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.amd.com/en/corporate/product-security… | x_refsource_MISC |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | 1st Gen AMD EPYC™ |
Affected:
unspecified , < NaplesPI-SP3_1.0.0.G
(custom)
|
|
| AMD | 2nd Gen AMD EPYC™ |
Affected:
unspecified , < RomePI-SP3_1.0.0.C
(custom)
|
|
| AMD | 3rd Gen AMD EPYC™ |
Affected:
unspecified , < MilanPI-SP3_1.0.0.4
(custom)
|
Date Public
2021-11-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:19:20.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "1st Gen AMD EPYC\u2122",
"vendor": "AMD",
"versions": [
{
"lessThan": "NaplesPI-SP3_1.0.0.G",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "2nd Gen AMD EPYC\u2122",
"vendor": "AMD",
"versions": [
{
"lessThan": "RomePI-SP3_1.0.0.C",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "3rd Gen AMD EPYC\u2122",
"vendor": "AMD",
"versions": [
{
"lessThan": "MilanPI-SP3_1.0.0.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-11-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-16T18:05:10.000Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021"
}
],
"source": {
"advisory": "AMD-SB-1021",
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
"ID": "CVE-2021-26320",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "1st Gen AMD EPYC\u2122",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "NaplesPI-SP3_1.0.0.G"
}
]
}
},
{
"product_name": "2nd Gen AMD EPYC\u2122",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "RomePI-SP3_1.0.0.C"
}
]
}
},
{
"product_name": "3rd Gen AMD EPYC\u2122",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "MilanPI-SP3_1.0.0.4"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient validation of the AMD SEV Signing Key (ASK) in the SEND_START command in the SEV Firmware may allow a local authenticated attacker to perform a denial of service of the PSP"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021",
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1021"
}
]
},
"source": {
"advisory": "AMD-SB-1021",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2021-26320",
"datePublished": "2021-11-16T18:05:10.770Z",
"dateReserved": "2021-01-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:34:19.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27257 (GCVE-0-2021-27257)
Vulnerability from cvelistv5 – Published: 2021-03-05 20:00 – Updated: 2024-08-03 20:48
VLAI
Summary
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362.
Severity
6.5 (Medium)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://kb.netgear.com/000062883/Security-Advisor… | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Impacted products
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:15.995Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "R7800",
"vendor": "NETGEAR",
"versions": [
{
"status": "affected",
"version": "firmware version 1.0.2.76"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "botto"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-05T20:00:26.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"ID": "CVE-2021-27257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "R7800",
"version": {
"version_data": [
{
"version_value": "firmware version 1.0.2.76"
}
]
}
}
]
},
"vendor_name": "NETGEAR"
}
]
}
},
"credit": "botto",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-12362."
}
]
},
"impact": {
"cvss": {
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295: Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders",
"refsource": "MISC",
"url": "https://kb.netgear.com/000062883/Security-Advisory-for-Multiple-Vulnerabilities-on-Some-Routers-Satellites-and-Extenders"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-264/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2021-27257",
"datePublished": "2021-03-05T20:00:26.000Z",
"dateReserved": "2021-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-03T20:48:15.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29495 (GCVE-0-2021-29495)
Vulnerability from cvelistv5 – Published: 2021-05-07 15:15 – Updated: 2024-08-03 22:11
VLAI
Title
Nim stdlib httpClient does not validate peer certificates by default
Summary
Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set "verifyMode = CVerifyPeer" as documented.
Severity
5.9 (Medium)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/nim-lang/security/security/adv… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:11:05.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/nim-lang/security/security/advisories/GHSA-9vqv-2jj9-7mqr"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "security",
"vendor": "nim-lang",
"versions": [
{
"status": "affected",
"version": "\u003c 1.4.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set \"verifyMode = CVerifyPeer\" as documented."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-07T15:15:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/nim-lang/security/security/advisories/GHSA-9vqv-2jj9-7mqr"
}
],
"source": {
"advisory": "GHSA-9vqv-2jj9-7mqr",
"discovery": "UNKNOWN"
},
"title": "Nim stdlib httpClient does not validate peer certificates by default",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-29495",
"STATE": "PUBLIC",
"TITLE": "Nim stdlib httpClient does not validate peer certificates by default"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "security",
"version": {
"version_data": [
{
"version_value": "\u003c 1.4.2"
}
]
}
}
]
},
"vendor_name": "nim-lang"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a workaround, set \"verifyMode = CVerifyPeer\" as documented."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-295 Improper Certificate Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/nim-lang/security/security/advisories/GHSA-9vqv-2jj9-7mqr",
"refsource": "CONFIRM",
"url": "https://github.com/nim-lang/security/security/advisories/GHSA-9vqv-2jj9-7mqr"
}
]
},
"source": {
"advisory": "GHSA-9vqv-2jj9-7mqr",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-29495",
"datePublished": "2021-05-07T15:15:10.000Z",
"dateReserved": "2021-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-03T22:11:05.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phases: Architecture and Design, Implementation
Description:
- Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.
Mitigation
Phase: Implementation
Description:
- If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.
CAPEC-459: Creating a Rogue Certification Authority Certificate
An adversary exploits a weakness resulting from using a hashing algorithm with weak collision resistance to generate certificate signing requests (CSR) that contain collision blocks in their "to be signed" parts. The adversary submits one CSR to be signed by a trusted certificate authority then uses the signed blob to make a second certificate appear signed by said certificate authority. Due to the hash collision, both certificates, though different, hash to the same value and so the signed blob works just as well in the second certificate. The net effect is that the adversary's second X.509 certificate, which the Certification Authority has never seen, is now signed and validated by that Certification Authority.
CAPEC-475: Signature Spoofing by Improper Validation
An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.