CVE-2024-8096 - Vulnerability Details

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0047.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Curl	Curl
Debian	Debian Linux
Haxx	Curl
Netapp	Active Iq Unified Manager Bootstrap Os H300s H300s Firmware H410s H410s Firmware H500s H500s Firmware H700s H700s Firmware Hci Compute Node Ontap Select Deploy Administration Utility Ontap Tools

Configuration 1 [-]

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:::::::*
	cpe:2.3:a:netapp:ontap_tools:10:::::vmware_vsphere::

Configuration 4 [-]

AND

cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
Debian DLA	DLA-3951-1	curl security update
Ubuntu USN	USN-7012-1	curl vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2024/09/11/1
https://curl.se/docs/CVE-2024-8096.html
https://curl.se/docs/CVE-2024-8096.json
https://hackerone.com/reports/2669852
https://lists.debian.org/debian-lts-announce/2024/11/msg00008.html
https://nvd.nist.gov/vuln/detail/CVE-2024-8096
https://security.netapp.com/advisory/ntap-20241011-0005/
https://www.cve.org/CVERecord?id=CVE-2024-8096

History

Wed, 30 Jul 2025 19:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Debian Debian debian Linux Haxx Haxx curl Netapp Netapp active Iq Unified Manager Netapp bootstrap Os Netapp h300s Netapp h300s Firmware Netapp h410s Netapp h410s Firmware Netapp h500s Netapp h500s Firmware Netapp h700s Netapp h700s Firmware Netapp hci Compute Node Netapp ontap Select Deploy Administration Utility Netapp ontap Tools
CPEs		cpe:2.3:a:haxx:curl:::::::: cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere:: cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:::::::* cpe:2.3:a:netapp:ontap_tools:10:::::vmware_vsphere:: cpe:2.3:h:netapp:h300s:-:::::::* cpe:2.3:h:netapp:h410s:-:::::::* cpe:2.3:h:netapp:h500s:-:::::::* cpe:2.3:h:netapp:h700s:-:::::::* cpe:2.3:h:netapp:hci_compute_node:-:::::::* cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:o:netapp:bootstrap_os:-:::::::* cpe:2.3:o:netapp:h300s_firmware:-:::::::* cpe:2.3:o:netapp:h410s_firmware:-:::::::* cpe:2.3:o:netapp:h500s_firmware:-:::::::* cpe:2.3:o:netapp:h700s_firmware:-:::::::*
Vendors & Products		Debian Debian debian Linux Haxx Haxx curl Netapp Netapp active Iq Unified Manager Netapp bootstrap Os Netapp h300s Netapp h300s Firmware Netapp h410s Netapp h410s Firmware Netapp h500s Netapp h500s Firmware Netapp h700s Netapp h700s Firmware Netapp hci Compute Node Netapp ontap Select Deploy Administration Utility Netapp ontap Tools

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00208}`	epss `{'score': 0.00169}`

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2024/09/11/1 https://lists.debian.org/debian-lts-announce/2024/11/msg00008.html https://security.netapp.com/advisory/ntap-20241011-0005/

Fri, 11 Oct 2024 23:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Curl Curl curl
CPEs		cpe:2.3:a:curl:curl::::::::
Vendors & Products		Curl Curl curl
References	http://www.openwall.com/lists/oss-security/2024/09/11/1
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 14:30:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2024/09/11/1

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-295
References		https://nvd.nist.gov/vuln/detail/CVE-2024-8096 https://www.cve.org/CVERecord?id=CVE-2024-8096
Metrics	threat_severity `None`	cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}` threat_severity `Moderate`

Wed, 11 Sep 2024 10:15:00 +0000

Type	Values Removed	Values Added
Description		When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error than 'revoked' (like for example 'unauthorized') it is not treated as a bad certficate.
Title		OCSP stapling bypass with GnuTLS
References		https://curl.se/docs/CVE-2024-8096.html https://curl.se/docs/CVE-2024-8096.json https://hackerone.com/reports/2669852

MITRE

Status: PUBLISHED

Assigner: curl

Published: 2024-09-11T10:03:59.489Z

Updated: 2024-11-14T17:02:37.437Z

Reserved: 2024-08-22T14:46:26.822Z

Link: CVE-2024-8096

Vulnrichment

Updated: 2024-11-14T17:02:37.437Z

NVD

Status : Analyzed

Published: 2024-09-11T10:15:02.883

Modified: 2025-07-30T19:42:16.870

Link: CVE-2024-8096

Redhat

Severity : Moderate

Publid Date: 2024-09-11T00:00:00Z

Links: CVE-2024-8096 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object