CVE-2024-2004

moderate-risk

Published 2024-03-27

When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been explicitly disabled. curl --proto -all,-http http://curl.se The flaw is only present if the set of selected protocols disables the entire set of available protocols, in itself a command with no practical use and therefore unlikely to be encountered in real situations. The curl security team has thus assessed this to be low severity bug.

Do I need to act?

0.84% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.5/10 Low

NETWORK / LOW complexity

Affected Products (11)

Curl

Fedora

Macos

Ontap

Ontap Select Deploy Administration Utility

Bootstrap Os

H300S Firmware

H410S Firmware

H500S Firmware

H700S Firmware

Affected Vendors

Apple Haxx Fedoraproject Netapp

References (26)

Mailing List http://seclists.org/fulldisclosure/2024/Jul/18

Mailing List http://seclists.org/fulldisclosure/2024/Jul/19

Mailing List http://seclists.org/fulldisclosure/2024/Jul/20

Mailing List http://www.openwall.com/lists/oss-security/2024/03/27/1

Vendor Advisory https://curl.se/docs/CVE-2024-2004.html

Vendor Advisory https://curl.se/docs/CVE-2024-2004.json

Exploit https://hackerone.com/reports/2384833

Third Party Advisory https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproje...

Third Party Advisory https://security.netapp.com/advisory/ntap-20240524-0006/

Release Notes https://support.apple.com/kb/HT214118

Release Notes https://support.apple.com/kb/HT214119

Release Notes https://support.apple.com/kb/HT214120

Mailing List http://seclists.org/fulldisclosure/2024/Jul/18

Mailing List http://seclists.org/fulldisclosure/2024/Jul/19

Mailing List http://seclists.org/fulldisclosure/2024/Jul/20

Mailing List http://www.openwall.com/lists/oss-security/2024/03/27/1

Vendor Advisory https://curl.se/docs/CVE-2024-2004.html

Vendor Advisory https://curl.se/docs/CVE-2024-2004.json

Exploit https://hackerone.com/reports/2384833

and 6 more references

/ 100

moderate-risk

Severity 16/34 · Moderate

Exploitability 3/34 · Minimal

Exposure 16/34 · Moderate