CVE-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability.

CVSS v3.0 5.6 MEDIUM
CVSS v2.0 6.8 MEDIUM

5.6^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://c-ares.haxx.se/adv_20210810.html	Exploit Patch Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1988342	Issue Tracking Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:33:::::::*
	cpe:2.3:o:fedoraproject:fedora:34:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_tus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_computer_node:1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:1:::::::*

Configuration 4 (hide)

cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*

Configuration 5 (hide)

OR	cpe:2.3:a:nodejs:node.js:::::-:::*
	cpe:2.3:a:nodejs:node.js:::::-:::*
	cpe:2.3:a:nodejs:node.js:::::lts:::*
	cpe:2.3:a:nodejs:node.js:::::-:::*
	cpe:2.3:a:nodejs:node.js:::::lts:::*

Configuration 6 (hide)

cpe:2.3:a:pgbouncer:pgbouncer:*:*:*:*:*:*:*:*

Information

Published : 2021-11-23 11:15

Updated : 2022-10-18 07:57

NVD link : CVE-2021-3672

Mitre link : CVE-2021-3672

JSON object : View

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Products Affected

redhat

enterprise_linux_for_power_little_endian
enterprise_linux
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_for_ibm_z_systems
enterprise_linux_server_tus
enterprise_linux_for_ibm_z_systems_eus
enterprise_linux_computer_node
enterprise_linux_server_update_services_for_sap_solutions
enterprise_linux_for_power_little_endian_eus
enterprise_linux_tus
enterprise_linux_eus

c-ares_project

c-ares

nodejs

node.js

pgbouncer

pgbouncer

fedoraproject

fedora

siemens

sinec_infrastructure_network_services

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://c-ares.haxx.se/adv_20210810.html", "name": "https://c-ares.haxx.se/adv_20210810.html", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "MISC"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1988342", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1988342", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf", "tags": ["Patch", "Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "https://www.oracle.com/security-alerts/cpujul2022.html", "name": "N/A", "tags": ["Third Party Advisory"], "refsource": "N/A"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS (Domain Name Servers) can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as well as system availability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-79"}, {"lang": "en", "value": "CWE-79"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-3672", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.2}}, "publishedDate": "2021-11-23T19:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.17.2", "versionStartIncluding": "1.0.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_computer_node:1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "1.0.1.1"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "16.6.2", "versionStartIncluding": "16.0.0"}, {"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "14.14.0", "versionStartIncluding": "14.0.0"}, {"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "12.22.5", "versionStartIncluding": "12.13.0"}, {"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "12.12.0", "versionStartIncluding": "12.0.0"}, {"cpe23Uri": "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "14.17.5", "versionStartIncluding": "14.15.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:pgbouncer:pgbouncer:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.17.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-10-18T14:57Z"}

5.6 /10