NVD Vulnerability Detail

CVE-2021-23841

Summary	The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).
Publication Date	Feb. 17, 2021, 2:15 a.m.
Registration Date	Feb. 17, 2021, 10:02 a.m.
Last Update	Nov. 21, 2024, 2:51 p.m.

CVSS3.1 : MEDIUM
スコア	5.9
Vector	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	高
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	高

CVSS2.0 : MEDIUM
Score	4.3
Vector	AV:N/AC:M/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	中
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:openssl:openssl::::::::	1.0.2			1.0.2y
cpe:2.3:a:openssl:openssl::::::::	1.1.1			1.1.1j

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:tenable:tenable.sc::::::::	5.13.0	5.17.0
cpe:2.3:a:tenable:nessus_network_monitor:5.11.1:::::::*
cpe:2.3:a:tenable:nessus_network_monitor:5.12.0:::::::*
cpe:2.3:a:tenable:nessus_network_monitor:5.12.1:::::::*
cpe:2.3:a:tenable:nessus_network_monitor:5.13.0:::::::*
cpe:2.3:a:tenable:nessus_network_monitor:5.11.0:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:o:apple:macos::::::::	11.1			11.4
cpe:2.3:o:apple:iphone_os::::::::				14.6
cpe:2.3:a:apple:safari::::::::				14.1.1
cpe:2.3:o:apple:ipados::::::::				14.6

Configuration5	or higher	or less	more than	less than
cpe:2.3:a:netapp:snapcenter:-:::::::*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:::::::*
cpe:2.3:a:netapp:oncommand_insight:-:::::::*

Configuration6	or higher	or less	more than	less than
cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0::::enterprise:::
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:::::::*
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::
cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0::::enterprise:::
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*
cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:::::::*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
cpe:2.3:a:oracle:graalvm:20.3.1.2::::enterprise:::
cpe:2.3:a:oracle:graalvm:21.0.0.2::::enterprise:::
cpe:2.3:a:oracle:graalvm:19.3.5::::enterprise:::
cpe:2.3:a:oracle:mysql_server::::::::	8.0.15			8.0.23
cpe:2.3:a:oracle:mysql_server::::::::				5.7.33
cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::				8.0.23
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:::::::*
cpe:2.3:a:oracle:essbase:21.2:::::::*
cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0::::enterprise:::
cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:::::::*

Configuration7	or higher	or less	more than	less than
cpe:2.3:a:siemens:sinec_ins:1.0:sp1::::::
cpe:2.3:a:siemens:sinec_ins::::::::				1.0
cpe:2.3:a:siemens:sinec_ins:1.0:-::::::

Related information, measures and tools

No	URL	タグ
1	http://seclists.org/fulldisclosure/2021/May/67	Mailing List Third Party Advisory
2	http://seclists.org/fulldisclosure/2021/May/67	Mailing List Third Party Advisory
3	http://seclists.org/fulldisclosure/2021/May/68	Mailing List Third Party Advisory
4	http://seclists.org/fulldisclosure/2021/May/68	Mailing List Third Party Advisory
5	http://seclists.org/fulldisclosure/2021/May/70	Mailing List Third Party Advisory
6	http://seclists.org/fulldisclosure/2021/May/70	Mailing List Third Party Advisory
7	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Patch Third Party Advisory
8	https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf	Patch Third Party Advisory
9	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
10	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
11	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
12	https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
13	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846	Third Party Advisory
14	https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846	Third Party Advisory
15	https://security.gentoo.org/glsa/202103-03	Third Party Advisory
16	https://security.gentoo.org/glsa/202103-03	Third Party Advisory
17	https://security.netapp.com/advisory/ntap-20210219-0009/	Third Party Advisory
18	https://security.netapp.com/advisory/ntap-20210219-0009/	Third Party Advisory
19	https://security.netapp.com/advisory/ntap-20210513-0002/	Third Party Advisory
20	https://security.netapp.com/advisory/ntap-20210513-0002/	Third Party Advisory
21	https://security.netapp.com/advisory/ntap-20240621-0006/
22	https://security.netapp.com/advisory/ntap-20240621-0006/
23	https://support.apple.com/kb/HT212528	Third Party Advisory
24	https://support.apple.com/kb/HT212528	Third Party Advisory
25	https://support.apple.com/kb/HT212529	Third Party Advisory
26	https://support.apple.com/kb/HT212529	Third Party Advisory
27	https://support.apple.com/kb/HT212534	Third Party Advisory
28	https://support.apple.com/kb/HT212534	Third Party Advisory
29	https://www.debian.org/security/2021/dsa-4855	Third Party Advisory
30	https://www.debian.org/security/2021/dsa-4855	Third Party Advisory
31	https://www.openssl.org/news/secadv/20210216.txt	Vendor Advisory
32	https://www.openssl.org/news/secadv/20210216.txt	Vendor Advisory
33	https://www.oracle.com//security-alerts/cpujul2021.html	Patch Third Party Advisory
34	https://www.oracle.com//security-alerts/cpujul2021.html	Patch Third Party Advisory
35	https://www.oracle.com/security-alerts/cpuApr2021.html	Patch Third Party Advisory
36	https://www.oracle.com/security-alerts/cpuApr2021.html	Patch Third Party Advisory
37	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
38	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
39	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
40	https://www.oracle.com/security-alerts/cpuoct2021.html	Patch Third Party Advisory
41	https://www.tenable.com/security/tns-2021-03	Third Party Advisory
42	https://www.tenable.com/security/tns-2021-03	Third Party Advisory
43	https://www.tenable.com/security/tns-2021-09	Third Party Advisory
44	https://www.tenable.com/security/tns-2021-09	Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-476	NULL ポインタデリファレンス	https://cwe.mitre.org/data/definitions/476.html

JVN Vulnerability Information

OpenSSL における NULL ポインタデリファレンスに関する脆弱性

Title	OpenSSL における NULL ポインタデリファレンスに関する脆弱性
Summary	OpenSSL には、パブリック API 関数 X509_issuer_and_serial_hash() に不備があるため、NULL ポインタデリファレンスに関する脆弱性が存在します。
Possible impacts	発行者フィールドが悪意を持って作成された場合、NULL ポインタデリファレンスおよびクラッシュを介して、サービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Feb. 16, 2021, midnight
Registration Date	May 14, 2021, 2:18 p.m.
Last Update	July 20, 2023, 3:25 p.m.

Affected System

OpenSSL Project

OpenSSL 1.0.2 から 1.0.2x

OpenSSL 1.1.1 から 1.1.1j

日立

Hitachi Device Manager

Hitachi Ops Center Analyzer viewpoint (海外販売のみ)

Hitachi Ops Center Common Services (海外販売のみ)

Hitachi Tuning Manager

RV3000

Debian

Debian GNU/Linux

Tenable, Inc.

Tenable.Sc

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2021-23841	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841
National Vulnerability Database (NVD)
2	CVE-2021-23841	https://nvd.nist.gov/vuln/detail/CVE-2021-23841

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-190	https://cwe.mitre.org/data/definitions/190.html

ベンダー情報

No	Name	URL
Debian Security Advisory
1	DSA-4855-1	https://www.debian.org/security/2021/dsa-4855
Git
2	Fix Null pointer deref in X509_issuer_and_serial_hash()	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
Hitachi Software Vulnerability Information
3	hitachi-sec-2021-117	https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2021-117/index.html
4	hitachi-sec-2021-119	https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2021-119/index.html
5	hitachi-sec-2023-126	https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-126/index.html
OpenSSL Security Advisory
6	Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)	https://www.openssl.org/news/secadv/20210216.txt
Tenable Network Security
7	TNS-2021-03	https://www.tenable.com/security/tns-2021-03
8	TNS-2021-09	https://www.tenable.com/security/tns-2021-09
ソフトウェア製品セキュリティ情報
9	hitachi-sec-2021-117	https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2021-117/index.html
10	hitachi-sec-2021-119	https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2021-119/index.html
11	hitachi-sec-2021-223	https://www.hitachi.co.jp/products/it/server/security/info/vulnerable/hitachi_sec_2021_223.html
12	hitachi-sec-2023-126	https://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2023-126/index.html
三菱電機株式会社
13	MELSOFT GT OPC UA Client における OpenSSL の脆弱性に起因する情報漏えい及びサービス拒否(DoS)の脆弱性	https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2022-002.pdf

その他

No	Name	URL
ICS-CERT ADVISORY
1	ICSA-21-336-06	https://us-cert.cisa.gov/ics/advisories/icsa-21-336-06
2	ICSA-22-258-05	https://www.cisa.gov/uscert/ics/advisories/icsa-22-258-05
JVN
3	JVNVU#90348129	https://jvn.jp/vu/JVNVU90348129/
4	JVNVU#94508446	http://jvn.jp/vu/JVNVU94508446/index.html
5	JVNVU#99475301	https://jvn.jp/vu/JVNVU99475301/

Change Log

No	Changed Details	Date of change
3	[2021年12月07日] 　参考情報：JVN (JVNVU#90348129) を追加　参考情報：ICS-CERT ADVISORY (ICSA-21-336-06) を追加	Dec. 7, 2021, 1:42 p.m.
4	[2021年12月28日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日立 (hitachi-sec-2021-223) を追加	Dec. 28, 2021, 1:54 p.m.
5	[2022年05月12日] ベンダ情報：三菱電機 (MELSOFT GT OPC UA Client における OpenSSL の脆弱性に起因する情報漏えい及びサービス拒否(DoS)の脆弱性) を追加	May 12, 2022, 9:36 a.m.
6	[2022年09月15日] 参考情報：JVN (JVNVU#99475301) を追加	Sept. 15, 2022, 1:38 p.m.
7	[2022年09月20日] 参考情報：ICS-CERT ADVISORY (ICSA-22-258-05) を追加	Sept. 20, 2022, 1:41 p.m.
1	[2021年05月14日] 掲載	May 14, 2021, 2:18 p.m.
2	[2021年05月24日] 影響を受けるシステム：内容を更新ベンダ情報：Hitachi Software Vulnerability Information (hitachi-sec-2021-117) を追加ベンダ情報：Hitachi Software Vulnerability Information (hitachi-sec-2021-119) を追加ベンダ情報：ソフトウェア製品セキュリティ情報 (hitachi-sec-2021-117) を追加ベンダ情報：ソフトウェア製品セキュリティ情報 (hitachi-sec-2021-119) を追加	May 24, 2021, 2:40 p.m.
8	[2023年07月20日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：日立 (hitachi-sec-2023-126) を追加	July 20, 2023, 10:04 a.m.

Configuration6	or higher	or less	more than	less than
cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0::::enterprise:::
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:::::::*
cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0::::enterprise:::
cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0::::enterprise:::
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*
cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:::::::*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:::::::*
cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
cpe:2.3:a:oracle:graalvm:20.3.1.2::::enterprise:::
cpe:2.3:a:oracle:graalvm:21.0.0.2::::enterprise:::
cpe:2.3:a:oracle:graalvm:19.3.5::::enterprise:::
cpe:2.3:a:oracle:mysql_server::::::::	8.0.15			8.0.23
cpe:2.3:a:oracle:mysql_server::::::::				5.7.33
cpe:2.3:a:oracle:mysql_enterprise_monitor::::::::				8.0.23
cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:::::::*
cpe:2.3:a:oracle:essbase:21.2:::::::*
cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0::::enterprise:::
cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:::::::*