CVE-2021-46880

x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openbsd:libressl:*:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*

History

17 May 2023, 20:15

Type Values Removed Values Added
References
  • (CONFIRM) https://security.netapp.com/advisory/ntap-20230517-0006/ -

24 Apr 2023, 18:42

Type Values Removed Values Added
CWE CWE-295
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CPE cpe:2.3:a:openbsd:libressl:*:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
References (MISC) https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt - (MISC) https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt - Release Notes
References (MISC) https://github.com/openbsd/src/commit/3f851282810fa0ab4b90b3b1ecec2e8717ef16f8 - (MISC) https://github.com/openbsd/src/commit/3f851282810fa0ab4b90b3b1ecec2e8717ef16f8 - Patch
References (MISC) https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/006_x509.patch.sig - (MISC) https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/006_x509.patch.sig - Patch

15 Apr 2023, 02:25

Type Values Removed Values Added
New CVE

Information

Published : 2023-04-15 00:15

Updated : 2024-02-04 23:37


NVD link : CVE-2021-46880

Mitre link : CVE-2021-46880

CVE.ORG link : CVE-2021-46880


JSON object : View

Products Affected

openbsd

  • openbsd
  • libressl
CWE
CWE-295

Improper Certificate Validation