CVE-2021-43766 - Vulnerability Details - OpenCVE

Description

Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL.

Published: 2022-08-25

Score: 8.1 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

Odyssey

affected

Version	Status	Constraints
`Odyssey 1.1`	affected	—

Configuration 1 [-]

cpe:2.3:a:odyssey_project:odyssey:1.1:*:*:*:*:*:*:*

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2021-30673	Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00169.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://github.com/yandex/odyssey/issues/376%2C
https://www.postgresql.org/support/security/CVE-2021-23214/

History

No history.

Subscriptions

Odyssey Project Odyssey

MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2022-08-25T17:27:31.000Z

Updated: 2024-08-04T04:03:08.895Z

Reserved: 2021-11-15T00:00:00.000Z

Link: CVE-2021-43766

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-25T18:15:09.317

Modified: 2024-11-21T06:29:44.870

Link: CVE-2021-43766

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"containers": {"cna": {"affected": [{"product": "Odyssey", "vendor": "n/a", "versions": [{"status": "affected", "version": "Odyssey 1.1"}]}], "descriptions": [{"lang": "en", "value": "Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-25T17:27:31.000Z", "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.postgresql.org/support/security/CVE-2021-23214/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/yandex/odyssey/issues/376%2C"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "patrick@puiterwijk.org", "ID": "CVE-2021-43766", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Odyssey", "version": {"version_data": [{"version_value": "Odyssey 1.1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-89"}]}]}, "references": {"reference_data": [{"name": "https://www.postgresql.org/support/security/CVE-2021-23214/", "refsource": "MISC", "url": "https://www.postgresql.org/support/security/CVE-2021-23214/"}, {"name": "https://github.com/yandex/odyssey/issues/376,", "refsource": "MISC", "url": "https://github.com/yandex/odyssey/issues/376,"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T04:03:08.895Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.postgresql.org/support/security/CVE-2021-23214/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/yandex/odyssey/issues/376%2C"}]}]}, "cveMetadata": {"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "assignerShortName": "fedora", "cveId": "CVE-2021-43766", "datePublished": "2022-08-25T17:27:31.000Z", "dateReserved": "2021-11-15T00:00:00.000Z", "dateUpdated": "2024-08-04T04:03:08.895Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:odyssey_project:odyssey:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "34DBBE36-E704-416B-B8C1-CCF6D8F2B865", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL."}, {"lang": "es", "value": "Odyssey pasa al servidor bytes sin cifrar desde el hombre en el medio Cuando Odyssey est\u00e1 configurado para usar el certificado Nombre Com\u00fan para la autenticaci\u00f3n del cliente, un atacante hombre en el medio puede inyectar consultas SQL arbitrarias cuando es establecida una conexi\u00f3n por primera vez, a pesar del uso de la verificaci\u00f3n y el cifrado del certificado SSL. Esto es similar a CVE-2021-23214 para PostgreSQL."}], "id": "CVE-2021-43766", "lastModified": "2024-11-21T06:29:44.870", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-25T18:15:09.317", "references": [{"source": "patrick@puiterwijk.org", "url": "https://github.com/yandex/odyssey/issues/376%2C"}, {"source": "patrick@puiterwijk.org", "tags": ["Not Applicable"], "url": "https://www.postgresql.org/support/security/CVE-2021-23214/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/yandex/odyssey/issues/376%2C"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "https://www.postgresql.org/support/security/CVE-2021-23214/"}], "sourceIdentifier": "patrick@puiterwijk.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "patrick@puiterwijk.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}]}