CVE-2021-3712
📋 TL;DR
This OpenSSL vulnerability allows attackers to cause buffer overruns when applications directly construct ASN.1 strings without proper NUL termination. Exploitation can lead to denial of service or memory disclosure, potentially exposing private keys or sensitive data. Affects applications using OpenSSL 1.1.1-1.1.1k or 1.0.2-1.0.2y.
💻 Affected Systems
- OpenSSL
- Applications using OpenSSL libraries
📦 What is this software?
Clustered Data Ontap Antivirus Connector by Netapp
Communications Cloud Native Core Console by Oracle
Communications Cloud Native Core Security Edge Protection Proxy by Oracle
Communications Cloud Native Core Unified Data Repository by Oracle
Communications Session Border Controller by Oracle
Communications Unified Session Manager by Oracle
E Series Santricity Os Controller by Netapp
Enterprise Communications Broker by Oracle
Enterprise Session Border Controller by Oracle
Essbase by Oracle
Health Sciences Inform Publisher by Oracle
Manageability Software Development Kit by Netapp
Openssl by Openssl
OpenSSL is a robust, commercial-grade toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It provides cryptographic functions and is one of the most widely used libraries for implementing secure communications in applications worldwide.
Peoplesoft Enterprise Peopletools by Oracle
Sinec Infrastructure Network Services by Siemens
Solidfire by Netapp
Tenable.sc by Tenable
⚠️ Risk & Real-World Impact
Worst Case
Disclosure of private keys or sensitive memory contents, leading to complete system compromise and data exfiltration.
Likely Case
Application crashes causing denial of service, potentially disrupting critical services.
If Mitigated
Limited impact with proper input validation and using OpenSSL parsing functions instead of direct ASN.1 construction.
🎯 Exploit Status
Exploitation requires application-specific conditions and attacker ability to influence ASN.1 string construction.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: OpenSSL 1.1.1l, OpenSSL 1.0.2za
Vendor Advisory: https://www.openssl.org/news/secadv/20210824.txt
Restart Required: Yes
Instructions:
1. Identify OpenSSL version with 'openssl version'.
2. Update to OpenSSL 1.1.1l or 1.0.2za.
3. Restart all services using OpenSSL.
4. Recompile applications if statically linked.
🔧 Temporary Workarounds
Avoid direct ASN.1 construction
Modify applications to use OpenSSL parsing functions (d2i) instead of directly constructing ASN.1 strings with ASN1_STRING_set0()
🧯 If You Can't Patch
- Review application code for direct ASN.1 string construction and replace with OpenSSL parsing functions
- Implement strict input validation and bounds checking for ASN.1 data processing
🔍 How to Verify
Check if Vulnerable:
Run 'openssl version' and check whether the reported version falls in the range 1.1.1 through 1.1.1k or 1.0.2 through 1.0.2y
Check Version:
openssl version
Verify Fix Applied:
Run 'openssl version' and verify output is 1.1.1l or higher, or 1.0.2za or higher
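The version check above as a script, added here as an example and not taken from the OpenSSL project: it classifies `openssl version` output against the ranges this page gives. The function names, the verdict words and the `host|version` inventory format are assumptions, and the sample inventory is constructed.

```shell
#!/bin/sh
# Added example: classify `openssl version` output against the ranges on this page.

classify_openssl_version() (
    LC_ALL=C    # make the [a-k] style ranges below byte-wise in every locale
    # Take the version token from a line such as "OpenSSL 1.1.1k  25 Mar 2021".
    ver=$(printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2; exit }')
    ver=${ver%%-*}    # drop build tags such as "-fips"
    case "$ver" in
        1.1.1|1.1.1[a-k])        echo affected ;;    # 1.1.1 through 1.1.1k
        1.0.2|1.0.2[a-y])        echo affected ;;    # 1.0.2 through 1.0.2y
        1.1.1[l-z]|1.1.1z[a-z])  echo fixed ;;       # 1.1.1l or higher
        1.0.2z[a-z])             echo fixed ;;       # 1.0.2za or higher
        *)                       echo not-listed ;;  # other branches, other libraries
    esac
)

# Reads "host|openssl version output" lines on stdin and prints the affected hosts.
affected_hosts() {
    while IFS='|' read -r host line; do
        if [ "$(classify_openssl_version "$line")" = affected ]; then
            printf '%s\n' "$host"
        fi
    done
    return 0
}

# Constructed sample inventory (hypothetical host names).
SAMPLE_INVENTORY='web01|OpenSSL 1.1.1k  25 Mar 2021
web02|OpenSSL 1.1.1l  24 Aug 2021
db01|OpenSSL 1.0.2k-fips  26 Jan 2017
app01|OpenSSL 3.0.2 15 Mar 2022'

printf '%s\n' "$SAMPLE_INVENTORY" | affected_hosts

# Classify the local binary when one is installed.
if command -v openssl >/dev/null 2>&1; then
    classify_openssl_version "$(openssl version)"
fi
```

Distribution packages often backport the fix without changing the version letter, so an `affected` verdict on a vendor build (for example a `-fips` package) should be confirmed against the vendor's advisory.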
📡 Detection & Monitoring
Log Indicators:
- Application crashes with segmentation faults in OpenSSL functions
- Memory access violation errors in ASN.1 processing
Network Indicators:
- Unusual certificate parsing attempts
- Abnormal ASN.1 data in network traffic
SIEM Query:
source="*openssl*" AND ("segmentation fault" OR "buffer overrun" OR "ASN.1")
🔗 References
- http://www.openwall.com/lists/oss-security/2021/08/26/2
- https://cert-portal.siemens.com/productcert/pdf/ssa-244969.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=94d23fcff9b2a7a8368dfe52214d5c2569882c11
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
- https://kc.mcafee.com/corporate/index?page=content&id=SB10366
- https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1%40%3Cdev.tomcat.apache.org%3E
- https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
- https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
- https://security.gentoo.org/glsa/202209-02
- https://security.gentoo.org/glsa/202210-02
- https://security.netapp.com/advisory/ntap-20210827-0010/
- https://security.netapp.com/advisory/ntap-20240621-0006/
- https://www.debian.org/security/2021/dsa-4963
- https://www.openssl.org/news/secadv/20210824.txt
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html
- https://www.tenable.com/security/tns-2021-16
- https://www.tenable.com/security/tns-2022-02