CVE-2021-23017 : A security issue in nginx resolver was identified, which might allow an attacker

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

Published 2021-06-01 13:15:08

Updated 2022-09-14 15:49:03

Source F5 Networks

View at NVD, CVE.org

Products affected by CVE-2021-23017

Oracle » Goldengate
Versions before (<) 21.4.0.0.0
cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Operations Monitor » Version: 3.4
cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Operations Monitor » Version: 4.2
cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Operations Monitor » Version: 4.3
cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Operations Monitor » Version: 4.4
cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Communications Broker » Version: 3.3.0
cpe:2.3:a:oracle:enterprise_communications_broker:3.3.0:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Session Border Controller » Version: 8.4
cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Session Border Controller » Version: 9.0
cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Session Border Controller » Version: 8.4
cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Session Border Controller » Version: 9.0
cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Control Plane Monitor » Version: 3.4
cpe:2.3:a:oracle:communications_control_plane_monitor:3.4:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Control Plane Monitor » Version: 4.2
cpe:2.3:a:oracle:communications_control_plane_monitor:4.2:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Control Plane Monitor » Version: 4.3
cpe:2.3:a:oracle:communications_control_plane_monitor:4.3:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Control Plane Monitor » Version: 4.4
cpe:2.3:a:oracle:communications_control_plane_monitor:4.4:*:*:*:*:*:*:*
Matching versions
Oracle » Communications Fraud Monitor
Versions from including (>=) 3.4 and up to, including, (<=) 4.4
cpe:2.3:a:oracle:communications_fraud_monitor:*:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Telephony Fraud Monitor » Version: 3.4
cpe:2.3:a:oracle:enterprise_telephony_fraud_monitor:3.4:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Telephony Fraud Monitor » Version: 4.2
cpe:2.3:a:oracle:enterprise_telephony_fraud_monitor:4.2:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Telephony Fraud Monitor » Version: 4.3
cpe:2.3:a:oracle:enterprise_telephony_fraud_monitor:4.3:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Telephony Fraud Monitor » Version: 4.4
cpe:2.3:a:oracle:enterprise_telephony_fraud_monitor:4.4:*:*:*:*:*:*:*
Matching versions
Oracle » Blockchain Platform
Versions before (<) 21.1.2
cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*
Matching versions
F5 » Nginx
Versions from including (>=) 0.6.18 and before (<) 1.20.1
cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 33
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 34
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Matching versions
Netapp » Ontap Select Deploy Administration Utility » Version: N/A
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
Matching versions
Openresty » Openresty
Versions before (<) 1.19.3.2
cpe:2.3:a:openresty:openresty:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2021-23017

Top countries where our scanners detected CVE-2021-23017

Top open port discovered on systems with this issue 80

IPs affected by CVE-2021-23017 5,084,128

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2021-23017!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2021-23017

EPSS FAQ

76.12%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 99 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-23017

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.7	HIGH	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L	2.2	5.5	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: Low

CWE ids for CVE-2021-23017

CWE-193 Off-by-one Error

A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
Assigned by:
- f5sirt@f5.com (Primary)
- nvd@nist.gov (Secondary)

References for CVE-2021-23017

https://www.oracle.com/security-alerts/cpuapr2022.html

Oracle Critical Patch Update Advisory - April 2022
Patch;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7SFVYHC7OXTEO4SMBWXDVK6E5IMEYMEE/

[SECURITY] Fedora 34 Update: nginx-1.20.1-2.fc34 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNKOP2JR5L7KCIZTJRZDCUPJTUONMC5I/

[SECURITY] Fedora 33 Update: nginx-1.20.1-2.fc33 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html

Oracle Critical Patch Update Advisory - January 2022
Patch;Third Party Advisory

CVEs referencing this url
http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html

[nginx-announce] nginx security advisory (CVE-2021-23017)
Mailing List;Patch;Vendor Advisory
https://lists.apache.org/thread.html/r4d4966221ca399ce948ef34884652265729d7d9ef8179c78d7f17e7f@%3Cnotifications.apisix.apache.org%3E

[GitHub] [apisix-website] liuxiran merged pull request #362: docs: added "Apache APISIX not affected by NGINX CVE-2021-23017" - Pony Mail
Mailing List;Third Party Advisory
https://lists.apache.org/thread.html/rf232eecd47fdc44520192810560303073cefd684b321f85e311bad31@%3Cnotifications.apisix.apache.org%3E

[apisix-website] branch master updated: docs: added "Apache APISIX not affected by NGINX CVE-2021-23017" (#362) - Pony Mail
Mailing List;Third Party Advisory
http://packetstormsecurity.com/files/167720/Nginx-1.20.0-Denial-Of-Service.html

Nginx 1.20.0 Denial Of Service ≈ Packet Storm
Third Party Advisory;VDB Entry
https://support.f5.com/csp/article/K12331123,

Page Not Found
Broken Link
https://lists.apache.org/thread.html/r37e6b2165f7c910d8e15fd54f4697857619ad2625f56583802004009@%3Cnotifications.apisix.apache.org%3E

[GitHub] [apisix-website] liuxiran commented on a change in pull request #362: docs: added "Apache APISIX not affected by NGINX CVE-2021-23017" - Pony Mail
Mailing List;Third Party Advisory
https://security.netapp.com/advisory/ntap-20210708-0006/

CVE-2021-23017 NGINX Vulnerability in NetApp Products | NetApp Product Security
Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Oracle Critical Patch Update Advisory - October 2021
Patch;Third Party Advisory

CVEs referencing this url
https://lists.apache.org/thread.html/rf318aeeb4d7a3a312734780b47de83cefb7e6995da0b2cae5c28675c@%3Cnotifications.apisix.apache.org%3E

[GitHub] [apisix-website] netlify[bot] edited a comment on pull request #362: docs: added "Apache APISIX not affected by NGINX CVE-2021-23017" - Pony Mail
Mailing List;Third Party Advisory
https://lists.apache.org/thread.html/r6fc5c57b38e93e36213e9a18c8a4e5dbd5ced1c7e57f08a1735975ba@%3Cnotifications.apisix.apache.org%3E

[GitHub] [apisix-website] Serendipity96 opened a new pull request #362: feat: add new blog - Pony Mail
Mailing List;Third Party Advisory