Vulnerabilites related to redhat - enterprise_linux_computer_node
cve-2021-3672
Vulnerability from cvelistv5
Published
2021-11-23 00:00
Modified
2024-10-15 17:14
Severity ?
EPSS score ?
Summary
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:01:07.975Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1988342", }, { tags: [ "x_transferred", ], url: "https://c-ares.haxx.se/adv_20210810.html", }, { tags: [ "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { tags: [ "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "GLSA-202401-02", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202401-02", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-3672", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T17:09:33.511285Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T17:14:27.220Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "c-ares", vendor: "n/a", versions: [ { status: "affected", version: "c-ares 1.17.2", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-05T10:06:20.709588", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugzilla.redhat.com/show_bug.cgi?id=1988342", }, { url: "https://c-ares.haxx.se/adv_20210810.html", }, { url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { name: "GLSA-202401-02", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202401-02", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2021-3672", datePublished: "2021-11-23T00:00:00", dateReserved: "2021-07-30T00:00:00", dateUpdated: "2024-10-15T17:14:27.220Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-11-23 19:15
Modified
2024-11-21 06:22
Severity ?
Summary
A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*", matchCriteriaId: "10FA24BA-9FF1-4F19-89A1-1F0CC4197D65", versionEndExcluding: "1.17.2", versionStartIncluding: "1.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", matchCriteriaId: "E460AA51-FCDA-46B9-AE97-E6676AA5E194", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.7:*:*:*:*:*:*:*", matchCriteriaId: "5B1633BB-7D54-4564-BC1C-3B80BA6FF215", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_computer_node:1:*:*:*:*:*:*:*", matchCriteriaId: "EF09697E-CCAD-46D1-A9E1-5EB66686D75A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*", matchCriteriaId: "87C21FE1-EA5C-498F-9C6C-D05F91A88217", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "280D547B-F204-4848-9262-A103176B740C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "0AB105EC-19F9-424A-86F1-305A6FD74A9C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "8C9BD9AE-46FC-4609-8D99-A3CFE91D58D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*", matchCriteriaId: "47811209-5CE5-4375-8391-B0A7F6A0E420", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "8EB6F417-25D0-4A28-B7BA-D21929EAA9E9", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "E5C80DB2-4A78-4EC9-B2A8-1E4D902C4834", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "983533DD-3970-4A37-9A9C-582BD48AA1E5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", matchCriteriaId: "48C2E003-A71C-4D06-B8B3-F93160568182", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*", matchCriteriaId: "3921C1CF-A16D-4727-99AD-03EFFA7C91CA", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*", matchCriteriaId: "BC6DD887-9744-43EA-8B3C-44C6B6339590", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "BF14A415-15BD-4A6C-87CF-675E09390474", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:1:*:*:*:*:*:*:*", matchCriteriaId: "20BAC14F-AED9-40EF-A53C-ABD23BC4FD52", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", matchCriteriaId: "B0F46497-4AB0-49A7-9453-CC26837BF253", versionEndExcluding: "1.0.1.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "564ED5C8-50D7-413A-B88E-E62B6C07336A", versionEndIncluding: "12.12.0", versionStartIncluding: "12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "BE107DA6-ABDC-4FDD-B37D-1E6BFBBA18BD", versionEndExcluding: "12.22.5", versionStartIncluding: "12.13.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "428DCD7B-6F66-4F18-B780-5BD80143D482", versionEndIncluding: "14.14.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", matchCriteriaId: "BB2960EF-D182-4E4F-9449-470B629D90E3", versionEndExcluding: "14.17.5", versionStartIncluding: "14.15.0", vulnerable: true, }, { criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", matchCriteriaId: "59F5CA28-E970-48C4-A406-31667C47F61D", versionEndExcluding: "16.6.2", versionStartIncluding: "16.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:pgbouncer:pgbouncer:*:*:*:*:*:*:*:*", matchCriteriaId: "FB6BBFFB-5899-4257-9C47-FCA5248BB169", versionEndIncluding: "1.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.", }, { lang: "es", value: "Se ha encontrado un fallo en la biblioteca c-ares, en la que una falta de comprobación de la comprobación de entrada de los nombres de host devueltos por los DNS (Servidores de Nombres de Dominio) puede conllevar a una salida de nombres de host erróneos, que podría conllevar potencialmente a un Secuestro de Dominios. La mayor amenaza de esta vulnerabilidad es para la confidencialidad e integridad, así como para la disponibilidad del sistema", }, ], id: "CVE-2021-3672", lastModified: "2024-11-21T06:22:07.650", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.6, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-23T19:15:07.877", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1988342", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://c-ares.haxx.se/adv_20210810.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/202401-02", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1988342", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "https://c-ares.haxx.se/adv_20210810.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/202401-02", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }