Vulnerabilities > CVE-2021-3449 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH

Summary

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

Vulnerable Configurations

Part Description Count
Application
Openssl
21
Application
Netapp
9
Application
Tenable
134
Application
Mcafee
6
Application
Oracle
70
Application
Sonicwall
1
Application
Siemens
16
Application
Nodejs
120
OS
Debian
2
OS
Freebsd
3
OS
Fedoraproject
1
OS
Checkpoint
6
OS
Sonicwall
4
OS
Siemens
79
Hardware
Checkpoint
3
Hardware
Sonicwall
1
Hardware
Siemens
57

Common Weakness Enumeration (CWE)

References