curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP stapling*) test failed. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check.

The remote host is affected by the vulnerability described in GLSA-202409-20 (curl: Multiple Vulnerabilities)

    Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below     for details.

Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of curl installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0853 advisory.

  - curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP     stapling*) test failed. A subsequent transfer to the same hostname could then succeed if the session ID     cache was still fresh, which then skipped the verify status check. (CVE-2024-0853)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The versions of MySQL Cluster installed on the remote host are affected by multiple vulnerabilities as referenced in the April / July 2024 CPU advisory.

  - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General (LibExpat)).     Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a     hang or frequently repeatable crash (complete DOS) of MySQL Cluster. July 2024 CPU (CVE-2023-52425)

  - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported     versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior.
    Difficult to exploit vulnerability allows high privileged attacker with network access via multiple     protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized     read access to a subset of MySQL Cluster accessible data. April CPU (CVE-2024-21101)

  - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported     versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior.
    Easily exploitable vulnerability allows high privileged attacker with network access via multiple     protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized     ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster.  April CPU     (CVE-2024-21102)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory:

  - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module (zlib)). The     supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker     with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result     in takeover of Oracle HTTP Server. (CVE-2023-45853)

  - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module (LibExpat)). The     supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker     with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result     in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle HTTP Server.
    (CVE-2023-52425)

  - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: SSL Module (libxml2)). The     supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker     with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result     in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle HTTP Server.
    (CVE-2024-25062)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The versions of MySQL Cluster installed on the remote host are affected by a vulnerability as referenced in the April 2024 CPU advisory.

  - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General (curl)).     Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable     vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise     MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized update, insert or     delete access to some of MySQL Cluster accessible data. (CVE-2024-0853)

  - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported     versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior.
    Easily exploitable vulnerability allows high privileged attacker with network access via multiple     protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized     ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Cluster. (CVE-2024-21102)

  - Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported     versions that are affected are 7.5.33 and prior, 7.6.29 and prior, 8.0.36 and prior and 8.3.0 and prior.
    Difficult to exploit vulnerability allows high privileged attacker with network access via multiple     protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized     read access to a subset of MySQL Cluster accessible data. (CVE-2024-21101)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-581 advisory.

  - curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP     stapling*) test failed. A subsequent transfer to the same hostname could then succeed if the session ID     cache was still fresh, which then skipped the verify status check. (CVE-2024-0853)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 02e33cd1-c655-11ee-8613-08002784c58d advisory.

  - curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (*OCSP     stapling*) test failed. A subsequent transfer to the same hostname could then succeed if the session ID     cache was still fresh, which then skipped the verify status check. (CVE-2024-0853)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Curl installed on the remote host is between 8.5.0 prior to 8.6.0. It is, therefore, affected by a security bypass vulnerability. Curl inadvertently kept the SSL session ID for connections in its cache even when the verify status (OCSP stapling) test failed. A subsequent transfer to the same hostname could then succeed if the session ID cache was still fresh, which then skipped the verify status check.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
207580	GLSA-202409-20 : curl: Multiple Vulnerabilities	Nessus	Gentoo Local Security Checks	medium
205055	CBL Mariner 2.0 Security Update: curl (CVE-2024-0853)	Nessus	MarinerOS Local Security Checks	medium
193576	Oracle MySQL Cluster 8.0.x < 8.0.37 (Apr 2024 / Jul 2024 CPU)	Nessus	Databases	medium
202723	Oracle HTTP Server (July 2024 CPU)	Nessus	Web Servers	critical
193577	Oracle MySQL Cluster 8.x < 8.4.0 (April 2024 CPU)	Nessus	Databases	medium
192885	Amazon Linux 2023 : curl, curl-minimal, libcurl (ALAS2023-2024-581)	Nessus	Amazon Linux Local Security Checks	medium
191122	FreeBSD : curl -- OCSP verification bypass with TLS session reuse (02e33cd1-c655-11ee-8613-08002784c58d)	Nessus	FreeBSD Local Security Checks	medium
189941	Curl 8.5.0 < 8.6.0 Security Bypass (CVE-2024-0853)	Nessus	Misc.	medium

Detections

Analytics

CVE-2024-0853

medium

Tenable Plugins

medium

medium

medium

critical

medium

medium

medium

medium