CVE-2024-2466 : libcurl did not check the server certificate of TLS connections done to a host s

libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc).

Published 2024-03-27 08:15:41

Updated 2024-08-23 19:35:13

Source curl

View at NVD, CVE.org

Products affected by CVE-2024-2466

Please log in to view affected product information.

Exploit prediction scoring system (EPSS) score for CVE-2024-2466

EPSS FAQ

0.27%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 50 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2024-2466

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N	3.9	2.5	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-08-23
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: Low Availability: None
5.4	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N	N/A	N/A	RedHat-CVE-2024-2466	2024-03-27
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2024-2466

CWE-297 Improper Validation of Certificate with Host Mismatch

The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2024-2466

https://hackerone.com/reports/2416725

HackerOne
https://security.netapp.com/advisory/ntap-20240503-0010/

CVE-2024-2466 curl Vulnerability in NetApp Products | NetApp Product Security
https://curl.se/docs/CVE-2024-2466.html

curl - TLS certificate check bypass with mbedTLS - CVE-2024-2466
http://seclists.org/fulldisclosure/2024/Jul/20

Full Disclosure: APPLE-SA-07-29-2024-6 macOS Monterey 12.7.6

CVEs referencing this url
https://curl.se/docs/CVE-2024-2466.json
http://www.openwall.com/lists/oss-security/2024/03/27/4

oss-security - [SECURITY ADVISORY] curl: CVE-2024-2466: TLS certificate check bypass with mbedTLS

CVEs referencing this url
http://seclists.org/fulldisclosure/2024/Jul/19

Full Disclosure: APPLE-SA-07-29-2024-5 macOS Ventura 13.6.8

CVEs referencing this url
https://support.apple.com/kb/HT214120

About the security content of macOS Ventura 13.6.8 - Apple Support

CVEs referencing this url
https://support.apple.com/kb/HT214119

About the security content of macOS Sonoma 14.6 - Apple Support

CVEs referencing this url
http://seclists.org/fulldisclosure/2024/Jul/18

Full Disclosure: APPLE-SA-07-29-2024-4 macOS Sonoma 14.6

CVEs referencing this url
https://support.apple.com/kb/HT214118

About the security content of macOS Monterey 12.7.6 - Apple Support

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2024-2466

Products affected by CVE-2024-2466

Exploit prediction scoring system (EPSS) score for CVE-2024-2466

CVSS scores for CVE-2024-2466

CWE ids for CVE-2024-2466

References for CVE-2024-2466