Improper Authentication
CVE-2023-27535
Summary
An authentication bypass vulnerability exists in libcurl in versions 7.13.0 through 7.88.1 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as "CURLOPT_FTP_ACCOUNT", "CURLOPT_FTP_ALTERNATIVE_TO_USER", "CURLOPT_FTP_SSL_CCC", and "CURLOPT_USE_SSL" were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- HIGH
- NONE
CWE-287 - Improper Authentication
Improper (or broken) authentication attacks are widespread, and have accounted for many of the worst data breaches in recent years. Improper authentication attacks are a class of vulnerabilities where an attacker impersonates a legitimate user by exploiting weaknesses in either session management or credential management to gain access to the user’s account. This can result in disclosure of sensitive information, and can lead to system compromise, theft, identity theft, and fraud.
References
Advisory Timeline
- Published