ASA-202107-63 - log back

ASA-202107-63 edited at 22 Jul 2021 15:56:47
Workaround
- CVE-2021-22925 can be mitigated by avoiding to use CURLOPT_TELNETOPTIONS. No known workaround exists for CVE-2021-22924.
+ CVE-2021-22925 can be mitigated by avoiding to use
+ CURLOPT_TELNETOPTIONS. No known workaround exists for CVE-2021-22924.
Impact
- libcurl could disclose potentially sensitive memory contents to a remote server when an uncommon option for TELNET servers is used. Additionally, libcurl did not sufficiently verify the 'issuer cert' when reusing connections.
+ libcurl could disclose potentially sensitive memory contents to a remote server when an uncommon option for TELNET servers is used.
+ Additionally, libcurl did not sufficiently verify the 'issuer cert' when reusing connections.
ASA-202107-63 edited at 21 Jul 2021 21:46:42
Workaround
+ CVE-2021-22925 can be mitigated by avoiding to use CURLOPT_TELNETOPTIONS. No known workaround exists for CVE-2021-22924.
Impact
+ libcurl could disclose potentially sensitive memory contents to a remote server when an uncommon option for TELNET servers is used. Additionally, libcurl did not sufficiently verify the 'issuer cert' when reusing connections.
ASA-202107-63 created at 21 Jul 2021 21:46:33