CVE-2021-20230
Publication date 23 February 2021
Last updated 24 July 2024
Ubuntu priority
A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| stunnel4 | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal |
Fixed 3:5.56-1ubuntu0.2
|
|
| 18.04 LTS bionic |
Fixed 3:5.44-1ubuntu3+esm1
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
Get expanded security coverage with Ubuntu Pro
Reduce your average CVE exposure time from 98 days to 1 day with expanded CVE patching, ten-years security maintenance and optional support for the full stack of open-source applications. Free for personal use.
Get Ubuntu ProNotes
rodrigo-zaiden
the fix for this CVE can be found in src/verify.c from the upstream commit ebad9ddc. verifyChain was added in version 5.34 (commit 8c43d2af), so releases earlier than bionic are not affected.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
7.5 · High
|
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
References
Related Ubuntu Security Notices (USN)
- USN-6901-1
- stunnel vulnerability
- 18 July 2024