ByteOS Network

NVD Vulnerability Details :

CVE-2021-46880

Modified

Source-cve@mitre.org

Published At-15 Apr, 2023 | 00:15

Updated At-07 Feb, 2025 | 16:15

x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CPE Matches

OpenBSD

>>libressl>>Versions before 3.4.2(exclusive)

cpe:2.3:a:openbsd:libressl:*:*:*:*:*:*:*:*

OpenBSD

>>openbsd>>Versions before 7.0(exclusive)

cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-295	Primary	nvd@nist.gov
CWE-295	Secondary	134c704f-9b21-4f2e-91b3-4a467353bcc0

References

Hyperlink	Source	Resource
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt	cve@mitre.org	Release Notes
https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/006_x509.patch.sig	cve@mitre.org	Patch
https://github.com/openbsd/src/commit/3f851282810fa0ab4b90b3b1ecec2e8717ef16f8	cve@mitre.org	Patch
https://security.netapp.com/advisory/ntap-20230517-0006/	cve@mitre.org	N/A
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt	af854a3a-2127-422b-91ae-364da2661108	Release Notes
https://ftp.openbsd.org/pub/OpenBSD/patches/7.0/common/006_x509.patch.sig	af854a3a-2127-422b-91ae-364da2661108	Patch
https://github.com/openbsd/src/commit/3f851282810fa0ab4b90b3b1ecec2e8717ef16f8	af854a3a-2127-422b-91ae-364da2661108	Patch
https://security.netapp.com/advisory/ntap-20230517-0006/	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History