Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2014-0092

Published

10 years ago

Last Modified

7 years ago

CVSSv2.0 Severity

Medium

Impact Analysis

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate..

CVSSv2.0 Score

Severity: Medium
Base Score: 5.8/10
Exploit Score: 8.6/10
Access Vector: Network
Access Complexity: Medium
Authentication Required: None
Impact Score: 4.9/10
Confidentiality Impact: Partial
Availability Impact: None
Integrity Impact: Partial

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:gnu:gnutls:3.2.3:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.0:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.1:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.8:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.4:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.9:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.6:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.10:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls::::::::	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.7:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.2:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.5:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.2.8.1:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.0:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.11:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.13:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.20:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.19:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.18:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.5:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls::::::::	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.15:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.4:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.8:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.16:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.1:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.17:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.12:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.10:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.7:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.2:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.14:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.3:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.6:::::::*	Yes	-	-
cpe:2.3:a:gnu:gnutls:3.1.9:::::::*	Yes	-	-

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2014-0092

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

CVSSv2.0 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2014-0092

CVE information

Published

Last Modified

CVSSv2.0 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

Products Affected

References