PT-2018-5191 · Matrixssl · Matrixssl

Published

2018-01-09

Updated

2018-01-26

CVE-2017-1000415

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions MatrixSSL version 3.7.2

Description The issue is related to an incorrect UTCTime date range validation in the X.509 certificate validation process. This results in some certificates having their expiration or beginning year extended by 100 years.

Recommendations For MatrixSSL version 3.7.2, update to a version that correctly validates UTCTime date ranges in X.509 certificates to prevent incorrect certificate expiration or beginning year extensions.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2017-1000415

Affected Products

Matrixssl

PT-2018-5191 · Matrixssl · Matrixssl

CVE-2017-1000415

Weakness Enumeration

Related Identifiers

Affected Products

References · 4