Impact
A client using libcurl may initiate a transfer that upgrades the connection with STARTTLS, but the library can incorrectly reuse an existing live connection whose TLS configuration does not match the one requested. The upgraded session can then be handled over an insecure or incorrectly configured channel, exposing transmitted data and enabling a malicious party to tamper with traffic. The flaw arises from insufficient validation of the TLS state before a connection is reused.
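The reuse decision described above, as a simplified added example that is not libcurl's code: a connection-pool match that compares only the endpoint, beside one that also compares the TLS state and settings. The struct fields, function names, host name and CA path are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
/* Simplified model; names are assumptions, not libcurl internals. */
enum tls_level { TLS_NONE, TLS_TRY, TLS_REQUIRED };
struct tls_cfg {
    enum tls_level level;  /* how strictly STARTTLS must succeed */
    bool verify_peer;      /* certificate verification on or off */
    const char *ca_file;   /* trust anchor bundle path, may be NULL */
};
struct conn {
    const char *host;
    int port;
    bool tls_active;       /* STARTTLS upgrade completed on this socket */
    struct tls_cfg cfg;    /* settings the connection was created with */
};

static bool same_str(const char *a, const char *b) {
    return (a && b) ? strcmp(a, b) == 0 : a == b;
}

/* Weak: matches on endpoint only and ignores the TLS settings. */
bool reuse_ok_weak(const struct conn *c, const char *host, int port,
                   const struct tls_cfg *want) {
    (void)want;
    return same_str(c->host, host) && c->port == port;
}

/* Strict: endpoint and every TLS setting must match, and a transfer that
   requires TLS never gets a connection that was not upgraded. */
bool reuse_ok_strict(const struct conn *c, const char *host, int port,
                     const struct tls_cfg *want) {
    if (!reuse_ok_weak(c, host, port, want)) return false;
    if (want->level == TLS_REQUIRED && !c->tls_active) return false;
    return c->cfg.level == want->level &&
           c->cfg.verify_peer == want->verify_peer &&
           same_str(c->cfg.ca_file, want->ca_file);
}

/* Constructed sample: a pooled cleartext connection vs. a strict request. */
static const struct conn pooled = {"mail.example.test", 143, false,
                                   {TLS_TRY, false, NULL}};
static const struct tls_cfg strict_want = {TLS_REQUIRED, true, "/tmp/ca.pem"};
int main(void) {
    printf("weak=%d strict=%d\n",
           reuse_ok_weak(&pooled, pooled.host, pooled.port, &strict_want),
           reuse_ok_strict(&pooled, pooled.host, pooled.port, &strict_want));
    return 0;
}
```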
Affected Systems
This vulnerability affects the curl library, specifically libcurl used by applications that perform STARTTLS operations. No specific version ranges are listed in the advisory, implying any build that implements STARTTLS via libcurl could be susceptible. The CNA identified the product as curl:curl, meaning that operators of software relying on libcurl should examine the version in use.
Risk and Exploitability
No formal CVSS score is provided, the EPSS index is unavailable, and the issue is not listed in CISA KEV, so the likelihood of exploitation is not quantified. However, because the flaw allows a connection that does not meet the TLS requirements to be reused, an adversary who can influence the server side or control the network path could potentially intercept or tamper with traffic that is presumed to be protected by STARTTLS. The impact involves loss of confidentiality and integrity; the available data does not indicate whether authentication or authorization is affected.