Vulnerability Details : CVE-2021-3449
Potential exploit
An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2021-3449
- cpe:2.3:o:freebsd:freebsd:12.2:-:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.2:p1:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:12.2:p2:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:secure_global_desktop:5.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:graalvm:19.3.5:*:*:*:enterprise:*:*:*
- cpe:2.3:a:oracle:graalvm:20.3.1.2:*:*:*:enterprise:*:*:*
- cpe:2.3:a:oracle:graalvm:21.0.0.2:*:*:*:enterprise:*:*:*
- cpe:2.3:a:oracle:communications_communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:essbase:21.2:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinema_server:14.0:-:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinema_server:14.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinema_server:14.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinema_server:14.0:sp2_update1:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinema_server:14.0:sp2_update2:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_m-800_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_logon:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_logon:1.5:sp3_update_1:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_w700_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_rf188c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_wincc_runtime_advanced:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_rf185c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_hmi_comfort_outdoor_panels_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_rf186c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:tim_1531_irc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:tia_administrator:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xb-200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xc-200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xf-200ba_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xp-200_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xr-300wg_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_sc-600_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1200_cpu_1211c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1200_cpu_1217c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_hmi_ktp_mobile_panels_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xm-400_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_s602_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_s612_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_s623_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_s627-2m_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinumerik_opc_ua_server:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_hmi_basic_panels_2nd_generation_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_rf166c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_rf186ci_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_rf188ci_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_rf360r_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_w1700_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_mv500_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_pdm_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp_1545-1_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp_1543-1_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xr524-8c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xr526-8c_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xr528-6m_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:scalance_xr552-12_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_cloud_connect_7_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_cp_1242-7_gprs_v2_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp_1243-1_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_eu_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp1243-7_lte_us_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp_1243-8_irc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp_1542sp-1_irc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp_1543sp-1_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_pcs_7_telecontrol_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_pcs_neo_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_process_historian_opc_ua_server_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1200_cpu_1212fc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1200_cpu_1214_fc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1200_cpu_1215_fc_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:sinamics_connect_300_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:simatic_wincc_telecontrol:-:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinec_nms:1.0:-:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinec_nms:1.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinec_pni:-:*:*:*:*:*:*:*
- cpe:2.3:a:siemens:sinec_infrastructure_network_services:*:*:*:*:*:*:*:*
- cpe:2.3:o:checkpoint:quantum_security_management_firmware:r80.40:*:*:*:*:*:*:*
- cpe:2.3:o:checkpoint:quantum_security_management_firmware:r81:*:*:*:*:*:*:*
- cpe:2.3:o:checkpoint:multi-domain_management_firmware:r80.40:*:*:*:*:*:*:*
- cpe:2.3:o:checkpoint:multi-domain_management_firmware:r81:*:*:*:*:*:*:*
- cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r80.40:*:*:*:*:*:*:*
- cpe:2.3:o:checkpoint:quantum_security_gateway_firmware:r81:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:web_gateway:8.2.19:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:web_gateway:9.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:web_gateway:10.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:web_gateway_cloud_service:8.2.19:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:web_gateway_cloud_service:9.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:web_gateway_cloud_service:10.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sonicos:7.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:sonicwall:sma100_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:sonicwall:capture_client:3.5:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
- cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
- Nodejs » Node.js » LTS EditionVersions from including (>=) 10.13.0 and up to, including, (<=) 10.24.0cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
- cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
- cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*
- cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*
- cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*
- cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-3449
13.86%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-3449
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
5.9
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.2
|
3.6
|
NIST |
CWE ids for CVE-2021-3449
-
The product dereferences a pointer that it expects to be valid but is NULL.Assigned by: nvd@nist.gov (Primary)
References for CVE-2021-3449
-
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=fb9fa6b51defd48157eeb207f52181f735d96148
git.openssl.org Git
-
https://lists.debian.org/debian-lts-announce/2021/08/msg00029.html
[SECURITY] [DLA 2751-1] postgresql-9.6 security updateMailing List;Third Party Advisory
-
https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.asc
Third Party Advisory
-
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845
Pulse Security Advisory: SA44845 - OpenSSL Security Advisory CVE-2021-3450Third Party Advisory
-
https://www.tenable.com/security/tns-2021-10
[R1] LCE 6.0.9 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable®Third Party Advisory
-
https://www.tenable.com/security/tns-2021-06
[R1] Tenable.sc 5.18.0 Fixes One Third-party Vulnerability - Security Advisory | Tenable®Third Party Advisory
-
https://www.oracle.com/security-alerts/cpuapr2022.html
Oracle Critical Patch Update Advisory - April 2022Patch;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2021/03/27/1
oss-security - OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processingMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/
[SECURITY] Fedora 34 Update: openssl-1.1.1k-1.fc34 - package-announce - Fedora Mailing-Lists
-
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fb9fa6b51defd48157eeb207f52181f735d96148
git.openssl.org Git - openssl.git/commitdiffMailing List;Patch;Vendor Advisory
-
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013
Security AdvisoryThird Party Advisory
-
https://security.netapp.com/advisory/ntap-20210326-0006/
March 2021 OpenSSL Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://www.oracle.com//security-alerts/cpujul2021.html
Oracle Critical Patch Update Advisory - July 2021Patch;Third Party Advisory
-
https://www.tenable.com/security/tns-2021-05
[R1] Nessus 8.13.2 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable®Third Party Advisory
-
https://www.debian.org/security/2021/dsa-4875
Debian -- Security Information -- DSA-4875-1 opensslThird Party Advisory
-
https://www.tenable.com/security/tns-2021-09
[R1] Nessus Network Monitor 5.13.1 Fixes Multiple Third-party Vulnerabilities - Security Advisory | Tenable®Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2021/03/28/4
oss-security - Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processingMailing List;Third Party Advisory
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJd
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2021Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2021/03/27/2
oss-security - Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processingMailing List;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpuApr2021.html
Oracle Critical Patch Update Advisory - April 2021Patch;Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20210513-0002/
April 2021 MySQL Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://security.netapp.com/advisory/ntap-20240621-0006/
February 2024 IBM Cognos Analytics Vulnerabilities in NetApp Products | NetApp Product Security
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/
[SECURITY] Fedora 34 Update: openssl-1.1.1k-1.fc34 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdf
Patch;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpuoct2021.html
Oracle Critical Patch Update Advisory - October 2021Third Party Advisory
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10356
McAfee Security Bulletin - Status and updates for OpenSSL vulnerabilities (CVE-2021-3450 and 2021-3449)Third Party Advisory
-
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2021/03/28/3
oss-security - Re: OpenSSL 1.1.1 CVE-2021-3450 CA certificate check bypass with X509_V_FLAG_X509_STRICT, CVE-2021-3449 NULL pointer deref in signature_algorithms processingMailing List;Third Party Advisory
-
https://www.oracle.com/security-alerts/cpujul2022.html
Oracle Critical Patch Update Advisory - July 2022Third Party Advisory
-
https://security.gentoo.org/glsa/202103-03
OpenSSL: Multiple vulnerabilities (GLSA 202103-03) — Gentoo securityThird Party Advisory
-
https://www.openssl.org/news/secadv/20210325.txt
Vendor Advisory
Jump to