CVE-2017-14032
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-14032
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14032.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-14032
- Related
- Published
- 2017-08-30T20:29:00Z
- Modified
- 2024-12-05T15:23:00.924937Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected.
- References
-
- http://www.debian.org/security/2017/dsa-3967
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02
- https://bugs.debian.org/873557
- https://github.com/ARMmbed/mbedtls/commit/31458a18788b0cf0b722acda9bb2f2fe13a3fb32
- https://github.com/ARMmbed/mbedtls/commit/d15795acd5074e0b44e71f7ede8bdfe1b48591fc
- https://security.alpinelinux.org/vuln/CVE-2017-14032
- https://security-tracker.debian.org/tracker/CVE-2017-14032
Affected packages
Alpine:v3.10 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.11 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.12 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.13 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.14 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.15 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.16 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.17 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.18 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.19 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.20 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Alpine:v3.21 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:apk/alpine/mbedtls?arch=source
Debian:11 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:deb/debian/mbedtls?arch=source
Debian:12 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:deb/debian/mbedtls?arch=source
Debian:13 / mbedtls
Package
- Name
- mbedtls
- Purl
- pkg:deb/debian/mbedtls?arch=source
Git / github.com/armmbed/mbedtls
Affected ranges
- Type
- GIT
- Repo
- https://github.com/armmbed/mbedtls
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Type
- GIT
- Repo
- https://github.com/mbed-tls/mbedtls
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
Other
beta-oob-2
list
mbedos-2016q1-oob1
mbedos-2016q1-oob2
mbedos-2016q1-oob3
mbedos-release-15-11
mbedos-techcon-oob2
mbedos-16.*
mbedos-16.01-release
mbedos-16.03-release
mbedtls-1.*
mbedtls-1.3.10
mbedtls-1.4-dtls-preview
mbedtls-2.*
mbedtls-2.0.0
mbedtls-2.1.0
mbedtls-2.1.1
mbedtls-2.1.2
mbedtls-2.2.0
mbedtls-2.2.1
mbedtls-2.3.0
mbedtls-2.4.0
mbedtls-2.5.0
mbedtls-2.5.1
polarssl-1.*
polarssl-1.2.0
polarssl-1.2.1
polarssl-1.2.2
polarssl-1.2.3
polarssl-1.2.4
polarssl-1.2.5
polarssl-1.2.6
polarssl-1.3.0
polarssl-1.3.0-rc0
polarssl-1.3.1
polarssl-1.3.2
polarssl-1.3.3
polarssl-1.3.4
polarssl-1.3.5
polarssl-1.3.6
polarssl-1.3.7
polarssl-1.3.8
polarssl-1.3.9
yotta-2.*
yotta-2.2.1
yotta-2.2.2
yotta-2.2.3
yotta-2.3.0
yotta-2.3.1