CVE-2017-14032
published 2017-08-30

Priority P351 · high · 8.1 · CVSS 3.0
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.49% (70.9th percentile)
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected.

Affected

35 ranges · showing 25

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | mbed_tls | | |
| arm | mbed_tls | | |
| arm | mbed_tls | | |
| arm | mbed_tls | | |
| arm | mbed_tls | | |
| arm | mbed_tls | | |
| debian | mbedtls | < mbedtls 2.6.0-1 (bookworm) | mbedtls 2.6.0-1 (bookworm) |
| mbed | mbedtls | >= 0 < 2.6.0-1 | 2.6.0-1 |
| mbed | mbedtls | >= 0 < 2.6.0-1 | 2.6.0-1 |
| mbed | mbedtls | >= 0 < 2.6.0-1 | 2.6.0-1 |
| mbed | mbedtls | >= 0 < 2.6.0-1 | 2.6.0-1 |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |
| trustedfirmware | mbed_tls | | |

CVSS provenance

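| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 8.1 | HIGH | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | | 8.1 | HIGH | |
| vendor_debian | | 8.1 | HIGH | |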