Improper Authentication

CVE-2023-27535

High

7.5/10

Summary

An authentication bypass vulnerability exists in libcurl in versions 7.13.0 through 7.88.1 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as "CURLOPT_FTP_ACCOUNT", "CURLOPT_FTP_ALTERNATIVE_TO_USER", "CURLOPT_FTP_SSL_CCC", and "CURLOPT_USE_SSL" were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-287 - Improper Authentication

Improper (or broken) authentication attacks are widespread, and have accounted for many of the worst data breaches in recent years. Improper authentication attacks are a class of vulnerabilities where an attacker impersonates a legitimate user by exploiting weaknesses in either session management or credential management to gain access to the user’s account. This can result in disclosure of sensitive information, and can lead to system compromise, theft, identity theft, and fraud.

References

Advisory Timeline

Published Mar 30, 2023

Improper Authentication

CVE-2023-27535

Summary

CWE-287 - Improper Authentication

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS