CVE-2021-3449 · threatengine.sh

Home/CVE/An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv

CVE

CVE-2021-3449

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration).

OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k.

OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).

MEDIUM · CVSS 5.9 EPSS 0.09859

Monitor

EPSS percentile: top 7% of all CVEs by exploitation likelihood

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-476NULL Pointer Dereference

▤

Affected Products & Versions

40

openssl>= 1.1.1 and < 1.1.1k
debian linuxall versions
freebsdall versions
netapp active iq unified managerall versions
netapp cloud volumes ontap mediatorall versions
netapp e-series performance analyzerall versions
netapp oncommand insightall versions
netapp oncommand workflow automationall versions
Show all 40 affected productsnetapp ontap select deploy administration utilityall versions
netapp santricity smi-s providerall versions
netapp snapcenterall versions
netapp storagegridall versions
tenable log correlation engine< 6.0.9
tenable nessus<= 8.13.1
tenable nessus network monitorall versions
tenable tenable.sc>= 5.13.0 and <= 5.17.0
fedoraproject fedoraall versions
mcafee web gatewayall versions
mcafee web gateway cloud serviceall versions
checkpoint quantum security management firmwareall versions
checkpoint multi-domain management firmwareall versions
checkpoint quantum security gateway firmwareall versions
oracle communications communications policy managementall versions
oracle enterprise manager for storage managementall versions
oracle essbaseall versions
oracle graalvmall versions
oracle jd edwards enterpriseone tools< 9.2.6.0
oracle jd edwards world securityall versions
oracle mysql connectors<= 8.0.23
oracle mysql server<= 5.7.33
oracle mysql server>= 8.0.15 and <= 8.0.23
oracle mysql workbench<= 8.0.23
oracle peoplesoft enterprise peopletoolsall versions
oracle primavera unifier>= 17.7 and <= 17.12
oracle primavera unifierall versions
oracle secure backup< 18.1.0.1.0
oracle secure global desktopall versions
oracle zfs storage appliance kitall versions
sonicwall sma100 firmware>= 10.2.0.0 and < 10.2.1.0-17sv
sonicwall capture clientall versions

▤

Affected Packages

1

Language-ecosystem packages (from OSV) tied to this CVE, with the version that fixes it - the dependency-level detail NVD doesn’t carry.

crates.io openssl-src MODERATE fixed in 111.15.0

▣

Scoring & Timeline

5.9

MEDIUM · CVSS v3.1 · openssl-security@openssl.org

View on NVD

Attack Vector

Network Adjacent Local Physical

Attack Complexity

Low High

Privileges Required

None Low High

User Interaction

None Required

Scope

Unchanged Changed

Confidentiality

None Low High

Integrity

None Low High

Availability

None Low High

Published to NVD25 Mar 2021 · 03:15 PM

CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

⚑

Vendor Advisories

30

suse-csafopenSUSE-SU-2024:11041-1
suse-csafopenSUSE-SU-2024:11127-1
suse-csafSUSE-SU-2021:0955-2
siemens-csafSSA-389290
msrcCVE-2021-3449Denial of Service
Show all 30 vendor advisoriesusnUSN-5038-1
suse-csafopenSUSE-SU-2021:1059-1
suse-csafopenSUSE-SU-2021:1061-1
suse-csafopenSUSE-SU-2021:2353-1
suse-csafSUSE-SU-2021:2353-1
suse-csafopenSUSE-SU-2021:2327-1
suse-csafSUSE-SU-2021:2323-1
suse-csafSUSE-SU-2021:2326-1
suse-csafSUSE-SU-2021:2327-1
siemens-csafSSA-772220
usnUSN-4891-1
rhsaRHSA-2021:1195Important
rhsaRHSA-2021:1199Important
rhsaRHSA-2021:1196Important
rhsaRHSA-2021:1202Important
rhsaRHSA-2021:1203Important
rhsaRHSA-2021:1200Important
rhsaRHSA-2021:1024Important
rhsaRHSA-2021:1189Important
rhsaRHSA-2021:1063Important
rhsaRHSA-2021:1131Important
suse-csafopenSUSE-SU-2021:0476-1
suse-csafSUSE-SU-2021:0954-1
suse-csafSUSE-SU-2021:0955-1
cisco-csafcisco-sa-openssl-2021-GHY28dJd

🔗

References & Sources

29

Source URLs (vendor pages, mailing lists, write-ups). Exploit/PoC links are in their own section above to avoid duplication.

http://www.openwall.com/lists/oss-security/2021/03/27/1Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2021/03/27/2Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2021/03/28/3Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2021/03/28/4Mailing ListThird Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdfThird Party Advisory

https://cert-portal.siemens.com/productcert/pdf/ssa-772220.pdfPatchThird Party Advisory

Show all 29 references

https://git.openssl.org/gitweb/?p=openssl.git

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845Third Party Advisory

https://kc.mcafee.com/corporate/index?page=content&id=SB10356Third Party Advisory

https://lists.debian.org/debian-lts-announce/2021/08/msg00029.htmlMailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCBFLLVQVILIVGZMBJL3IXZGKWQISYNP/

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013Third Party Advisory

https://security.FreeBSD.org/advisories/FreeBSD-SA-21:07.openssl.ascThird Party Advisory

https://security.gentoo.org/glsa/202103-03Third Party Advisory

https://security.netapp.com/advisory/ntap-20210326-0006/Third Party Advisory

https://security.netapp.com/advisory/ntap-20210513-0002/Third Party Advisory

https://security.netapp.com/advisory/ntap-20240621-0006/

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssl-2021-GHY28dJdThird Party Advisory

https://www.debian.org/security/2021/dsa-4875Third Party Advisory

https://www.openssl.org/news/secadv/20210325.txtVendor Advisory

https://www.oracle.com//security-alerts/cpujul2021.htmlPatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuApr2021.htmlPatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuapr2022.htmlPatchThird Party Advisory

https://www.oracle.com/security-alerts/cpujul2022.htmlThird Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.htmlThird Party Advisory

https://www.tenable.com/security/tns-2021-05Third Party Advisory

https://www.tenable.com/security/tns-2021-06Third Party Advisory

https://www.tenable.com/security/tns-2021-09Third Party Advisory

https://www.tenable.com/security/tns-2021-10Third Party Advisory

Intelligence Graph · click any node to traverse

CVETechnique ActorTool Family

drag to reposition · click any node to traverse · button top-right enlarges

External lookups - second-class, for what we don’t hold ourselves

NVD CVE.org CISA Vulners Exploit-DB GitHub PoC VulnCheck KEV GreyNoise

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin