Lucene search

[email protected]CVE-2014-1959

HistoryMar 07, 2014 - 12:10 a.m.

CVE-2014-1959

2014-03-0700:10:57

CWE-264

[email protected]

web.nvd.nist.gov

cve-2014-1959

gnutls

x.509 certificates

security vulnerability

nvd

remote attackers

bypass restrictions

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.3 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.6%

JSON

lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.

Affected configurations

NVD

Node

gnugnutlsRange≤3.1.20

gnugnutlsMatch3.1.0

gnugnutlsMatch3.1.1

gnugnutlsMatch3.1.2

gnugnutlsMatch3.1.3

gnugnutlsMatch3.1.4

gnugnutlsMatch3.1.5

gnugnutlsMatch3.1.6

gnugnutlsMatch3.1.7

gnugnutlsMatch3.1.8

gnugnutlsMatch3.1.9

gnugnutlsMatch3.1.10

gnugnutlsMatch3.1.11

gnugnutlsMatch3.1.12

gnugnutlsMatch3.1.13

gnugnutlsMatch3.1.14

gnugnutlsMatch3.1.15

gnugnutlsMatch3.1.16

gnugnutlsMatch3.1.17

gnugnutlsMatch3.1.18

gnugnutlsMatch3.1.19

Node

gnugnutlsRange≤3.2.10

gnugnutlsMatch3.2.0

gnugnutlsMatch3.2.1

gnugnutlsMatch3.2.2

gnugnutlsMatch3.2.3

gnugnutlsMatch3.2.4

gnugnutlsMatch3.2.5

gnugnutlsMatch3.2.6

gnugnutlsMatch3.2.7

gnugnutlsMatch3.2.8

gnugnutlsMatch3.2.8.1

gnugnutlsMatch3.2.9

CPENameOperatorVersion
gnu:gnutlsgnu gnutlsle3.1.20
gnu:gnutlsgnu gnutlseq3.1.0
gnu:gnutlsgnu gnutlseq3.1.1
gnu:gnutlsgnu gnutlseq3.1.2
gnu:gnutlsgnu gnutlseq3.1.3
gnu:gnutlsgnu gnutlseq3.1.4
gnu:gnutlsgnu gnutlseq3.1.5
gnu:gnutlsgnu gnutlseq3.1.6
gnu:gnutlsgnu gnutlseq3.1.7
gnu:gnutlsgnu gnutlseq3.1.8

CPE	Name	Operator	Version
gnu:gnutls	gnu gnutls	le	3.1.20
gnu:gnutls	gnu gnutls	eq	3.1.0
gnu:gnutls	gnu gnutls	eq	3.1.1
gnu:gnutls	gnu gnutls	eq	3.1.2
gnu:gnutls	gnu gnutls	eq	3.1.3
gnu:gnutls	gnu gnutls	eq	3.1.4
gnu:gnutls	gnu gnutls	eq	3.1.5
gnu:gnutls	gnu gnutls	eq	3.1.6
gnu:gnutls	gnu gnutls	eq	3.1.7
gnu:gnutls	gnu gnutls	eq	3.1.8