CVE-2021-22898

Published on: 06/11/2021 12:00:00 AM UTC

Last Modified on: 08/30/2022 07:09:00 PM UTC

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Certain versions of Guacamole from Apache contain the following vulnerability:

curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol.

  • CVE-2021-22898 has been assigned by URL Logo suppor[email protected] to track the vulnerability - currently rated as LOW severity.

CVSS3 Score: 3.1 - LOW

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK HIGH NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED LOW NONE NONE

CVSS2 Score: 2.6 - LOW

Access
Vector
Access
Complexity
Authentication
NETWORK HIGH NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL NONE NONE

CVE References

Description Tags Link
HackerOne hackerone.com
text/html
URL Logo MISC hackerone.com/reports/1176461
oss-security - [SECURITY ADVISORY] curl: TELNET stack contents disclosure again www.openwall.com
text/html
URL Logo MLIST [oss-security] 20210721 [SECURITY ADVISORY] curl: TELNET stack contents disclosure again
Oracle Critical Patch Update Advisory - April 2022 www.oracle.com
text/html
URL Logo MISC www.oracle.com/security-alerts/cpuapr2022.html
Oracle Critical Patch Update Advisory - July 2021 www.oracle.com
text/html
URL Logo MISC www.oracle.com//security-alerts/cpujul2021.html
curl - TELNET stack contents disclosure - CVE-2021-22898 curl.se
text/html
URL Logo MISC curl.se/docs/CVE-2021-22898.html
Oracle Critical Patch Update Advisory - January 2022 www.oracle.com
text/html
URL Logo MISC www.oracle.com/security-alerts/cpujan2022.html
telnet: check sscanf() for correct number of matches · curl/curl@39ce47f · GitHub github.com
text/html
URL Logo MISC github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
[SECURITY] [DLA 2734-1] curl security update lists.debian.org
text/html
URL Logo MLIST [debian-lts-announce] 20210813 [SECURITY] [DLA 2734-1] curl security update
cert-portal.siemens.com
application/pdf
URL Logo CONFIRM cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
Debian -- Security Information -- DSA-5197-1 curl www.debian.org
Depreciated Link
text/html
URL Logo DEBIAN DSA-5197
[SECURITY] Fedora 33 Update: curl-7.71.1-10.fc33 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
text/html
URL Logo FEDORA FEDORA-2021-5d21b90a30
[SECURITY] [DLA 3085-1] curl security update lists.debian.org
text/html
URL Logo MLIST [debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update
Pony Mail! lists.apache.org
text/html
URL Logo MLIST [guacamole-issues] 20210618 [jira] [Created] (GUACAMOLE-1368) Latest docker image fails security scans.
[SECURITY] Fedora 34 Update: curl-7.76.1-7.fc34 - package-announce - Fedora Mailing-Lists lists.fedoraproject.org
text/html
URL Logo FEDORA FEDORA-2021-83fdddca0f

Related QID Numbers

  • 159520 Oracle Enterprise Linux Security Update for curl (ELSA-2021-4511)
  • 178759 Debian Security Update for curl (DLA 2734-1)
  • 180909 Debian Security Update for curl (DSA 5197-1)
  • 180969 Debian Security Update for curl (DLA 3085-1)
  • 182775 Debian Security Update for curl (CVE-2021-22898)
  • 198441 Ubuntu Security Notification for curl vulnerabilities (USN-5021-1)
  • 199491 Ubuntu Security Notification for curl Vulnerabilities (USN-5894-1)
  • 239832 Red Hat Update for curl (RHSA-2021:4511)
  • 281101 Fedora Security Update for curl (FEDORA-2021-eb5b7c53a9)
  • 281737 Fedora Security Update for curl (FEDORA-2021-83fdddca0f)
  • 281795 Fedora Security Update for curl (FEDORA-2021-5d21b90a30)
  • 296065 Oracle Solaris 11.4 Support Repository Update (SRU) 39.107.1 Missing (CPUOCT2021)
  • 352402 Amazon Linux Security Advisory for curl: ALAS2-2021-1653
  • 352482 Amazon Linux Security Advisory for curl: ALAS-2021-1509
  • 352823 Amazon Linux Security Advisory for curl: AL2012-2021-347
  • 352843 Amazon Linux Security Advisory for curl: ALAS2-2021-1700
  • 378599 Splunk Enterprise Third Party Package Updates for June (SVD-2023-0613)
  • 500135 Alpine Linux Security Update for curl
  • 591406 Siemens SIMATIC S7-1500 CPU GNU/Linux subsystem Multiple Vulnerabilities (SSB-439005, ICSA-22-104-13)
  • 670481 EulerOS Security Update for curl (EulerOS-SA-2021-2239)
  • 670507 EulerOS Security Update for curl (EulerOS-SA-2021-2265)
  • 670532 EulerOS Security Update for curl (EulerOS-SA-2021-2290)
  • 670567 EulerOS Security Update for curl (EulerOS-SA-2021-2325)
  • 670606 EulerOS Security Update for curl (EulerOS-SA-2021-2364)
  • 670699 EulerOS Security Update for curl (EulerOS-SA-2021-2457)
  • 671006 EulerOS Security Update for curl (EulerOS-SA-2021-2577)
  • 710078 Gentoo Linux cURL Multiple vulnerabilities (GLSA 202105-36)
  • 750038 SUSE Enterprise Linux Security Update for curl (SUSE-SU-2021:1763-1)
  • 750040 SUSE Enterprise Linux Security Update for curl (SUSE-SU-2021:1762-1)
  • 750044 SUSE Enterprise Linux Security Update for curl (SUSE-SU-2021:1763-1)
  • 750046 SUSE Enterprise Linux Security Update for curl (SUSE-SU-2021:1762-1)
  • 750055 SUSE Enterprise Linux Security Update for curl (SUSE-SU-2021:1786-1)
  • 750062 SUSE Enterprise Linux Security Update for curl (SUSE-SU-2021:1762-1)
  • 750081 SUSE Enterprise Linux Security Update for curl (SUSE-SU-2021:1809-1)
  • 750188 OpenSUSE Security Update for curl (openSUSE-SU-2021:0808-1)
  • 750792 OpenSUSE Security Update for curl (openSUSE-SU-2021:1762-1)
  • 900067 CBL-Mariner Linux Security Update for curl 7.76.0
  • 901518 Common Base Linux Mariner (CBL-Mariner) Security Update for curl (6359-1)
  • 902945 Common Base Linux Mariner (CBL-Mariner) Security Update for curl (4369)
  • 940095 AlmaLinux Security Update for curl (ALSA-2021:4511)

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationApacheGuacamole1.3.0-AllAll
Operating
System
DebianDebian Linux9.0AllAllAll
Operating
System
FedoraprojectFedora33AllAllAll
Operating
System
FedoraprojectFedora34AllAllAll
ApplicationHaxxCurlAllAllAllAll
ApplicationOracleCommunications Cloud Native Core Binding Support Function1.11.0AllAllAll
ApplicationOracleCommunications Cloud Native Core Network Function Cloud Native Environment1.10.0AllAllAll
ApplicationOracleCommunications Cloud Native Core Network Repository Function1.15.0AllAllAll
ApplicationOracleCommunications Cloud Native Core Network Repository Function1.15.1AllAllAll
ApplicationOracleCommunications Cloud Native Core Network Slice Selection Function1.8.0AllAllAll
ApplicationOracleCommunications Cloud Native Core Service Communication Proxy1.15.0AllAllAll
ApplicationOracleEssbaseAllAllAllAll
ApplicationOracleMysql ServerAllAllAllAll
ApplicationSiemensSinec Infrastructure Network ServicesAllAllAllAll
  • cpe:2.3:a:apache:guacamole:1.3.0:-:*:*:*:*:*:*:
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*:
  • cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*:
  • cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:essbase:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @mkviitanen libcurl vulnerabilities: curl.se/docs/CVE-2021-… curl.se/docs/CVE-2021-… curl.se/docs/CVE-2021-… 2021-05-26 06:43:07
Twitter Icon @CVEreport CVE-2021-22898 : curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option,… twitter.com/i/web/status/1… 2021-06-11 16:14:05
Twitter Icon @LinInfoSec Curl - CVE-2021-22898: hackerone.com/reports/1176461 2021-06-11 18:15:24
Reddit Logo Icon /r/netcve CVE-2021-22898 2021-06-11 16:41:55
© CVE.report 2023 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report