UBUNTU-CVE-2021-44273

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2021-44273

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-44273.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-44273

Related

CVE-2021-44273

Published

2021-12-23T12:15:00Z

Modified

2025-04-23T15:00:30Z

Severity

7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

e2guardian v5.4.x <= v5.4.3r is affected by missing SSL certificate validation in the SSL MITM engine. In standalone mode (i.e., acting as a proxy or a transparent proxy), with SSL MITM enabled, e2guardian, if built with OpenSSL v1.1.x, did not validate hostnames in certificates of the web servers that it connected to, and thus was itself vulnerable to MITM attacks.

References

Affected packages

Ubuntu:Pro:18.04:LTS / e2guardian

Package

Name: e2guardian
Purl: pkg:deb/ubuntu/e2guardian@3.4.0.3-2?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.4.0.3-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / e2guardian

Package

Name: e2guardian
Purl: pkg:deb/ubuntu/e2guardian@5.3.4-1?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.3.3-1

5.3.4-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / e2guardian

Package

Name: e2guardian
Purl: pkg:deb/ubuntu/e2guardian@5.3.5-3?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.3.4-2

5.3.5-1

5.3.5-2

5.3.5-2build1

5.3.5-3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / e2guardian

Package

Name: e2guardian
Purl: pkg:deb/ubuntu/e2guardian@5.3.5-6ubuntu3?arch=source&distro=oracular

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.3.5-6ubuntu3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / e2guardian

Package

Name: e2guardian
Purl: pkg:deb/ubuntu/e2guardian@5.3.5-6ubuntu3?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.3.5-4.1ubuntu1

5.3.5-6ubuntu1

5.3.5-6ubuntu2

5.3.5-6ubuntu3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:25.04 / e2guardian

Package

Name: e2guardian
Purl: pkg:deb/ubuntu/e2guardian@5.5.7-1?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.3.5-6ubuntu3

5.5.6-1

5.5.7-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}