vulnerability

Alpine Linux: CVE-2017-14032: Improper Authentication

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	08/30/2017	08/22/2024	10/01/2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

08/30/2017

Added

08/22/2024

Modified

10/01/2024

Description

ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected.

Solution(s)

alpine-linux-upgrade-mbedtlsalpine-linux-upgrade-mbedtls2

References

CVE-2017-14032
https://attackerkb.com/topics/CVE-2017-14032
URL-https://security.alpinelinux.org/vuln/CVE-2017-14032

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today