Improper Authentication in mbedtls - CVE-2017-14032
Published: August 30, 2017 / Updated: July 28, 2020
Vulnerability identifier: #VU32073
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2017-14032
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: tls.mbed.org
Affected software:
mbedtls
mbedtls
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected.
How to mitigate CVE-2017-14032
Install update from vendor's website.
Sources
- http://www.debian.org/security/2017/dsa-3967
- https://bugs.debian.org/873557
- https://github.com/ARMmbed/mbedtls/commit/31458a18788b0cf0b722acda9bb2f2fe13a3fb32
- https://github.com/ARMmbed/mbedtls/commit/d15795acd5074e0b44e71f7ede8bdfe1b48591fc
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02