CVE-2023-28322 — LOW (3.7) — White Hats Nepal

Q: How severe is CVE-2023-28322?

CVE-2023-28322 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-28322?

Check the references section above for vendor advisories and patch information. Affected products include: Haxx Curl, Fedoraproject Fedora, Apple Macos, Netapp Clustered Data Ontap, Netapp Ontap Antivirus Connector.

Vulnerability Description

An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.

CVSS Score

3.7

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Haxx	Curl	< 8.1.0
Fedoraproject	Fedora	37
Apple	Macos	>= 11.0, < 11.7.9
Netapp	Clustered Data Ontap	-
Netapp	Ontap Antivirus Connector	-
Netapp	H300S Firmware	-
Netapp	H300S	-
Netapp	H500S Firmware	-
Netapp	H500S	-
Netapp	H700S Firmware	-
Netapp	H700S	-
Netapp	H410S Firmware	-
Netapp	H410S	-

Related Weaknesses (CWE)

CWE-200

References

http://seclists.org/fulldisclosure/2023/Jul/47Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2023/Jul/48Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2023/Jul/52Mailing ListThird Party Advisory
https://hackerone.com/reports/1954658ExploitPatchThird Party Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
https://security.gentoo.org/glsa/202310-12Third Party Advisory
https://security.netapp.com/advisory/ntap-20230609-0009/Third Party Advisory
https://support.apple.com/kb/HT213843Third Party Advisory
https://support.apple.com/kb/HT213844Third Party Advisory
https://support.apple.com/kb/HT213845Third Party Advisory
http://seclists.org/fulldisclosure/2023/Jul/47Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2023/Jul/48Mailing ListThird Party Advisory
http://seclists.org/fulldisclosure/2023/Jul/52Mailing ListThird Party Advisory

FAQ

What is CVE-2023-28322?

CVE-2023-28322 is a vulnerability with a CVSS score of 3.7 (LOW). An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when...

How severe is CVE-2023-28322?

CVE-2023-28322 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-28322?

Check the references section above for vendor advisories and patch information. Affected products include: Haxx Curl, Fedoraproject Fedora, Apple Macos, Netapp Clustered Data Ontap, Netapp Ontap Antivirus Connector.