How severe is CVE-2023-28321?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2023-28321?

This is classified as CWE-295, which is a common weakness in software security.

CVE-2023-28321 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.

Related Vulnerabilities

CVE-2008-4989

MEDIUM

CVSS:5.9(Medium)

The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certi...

CWE-2952008

CVE-2009-2408

MEDIUM

CVSS:5.9(Medium)

Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the s...

CWE-2952009

CVE-2010-4237

MEDIUM

CVSS:5.9(Medium)

Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middl...

CWE-2952010

CVE-2010-4532

MEDIUM

CVSS:5.9(Medium)

offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.

CWE-2952010

CVE-2011-0199

MEDIUM

CVSS:5.9(Medium)

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle ...

CWE-2952011

CVE-2012-1316

MEDIUM

CVSS:5.9(Medium)

Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks

CWE-2952012