An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in its keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_EXT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication would nonetheless be able to use it for TLS client authentication. Only TLS 1.3 servers were affected, and only with optional authentication (with required authentication, the handshake would be aborted with a fatal alert).
History
Thu, 19 Sep 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared | Arm, Arm mbed Tls | |
Weaknesses | CWE-295 | |
CPEs | cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:* | |
Vendors & Products | Arm, Arm mbed Tls | |
Metrics | cvssV3_1 | |
Thu, 05 Sep 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics | ssvc | |
Thu, 05 Sep 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in its keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_EXT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication would nonetheless be able to use it for TLS client authentication. Only TLS 1.3 servers were affected, and only with optional authentication (with required authentication, the handshake would be aborted with a fatal alert). | |
References | | |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-09-05T00:00:00
Updated: 2024-09-05T20:29:16.858Z
Reserved: 2024-08-22T00:00:00
Link: CVE-2024-45159
Vulnrichment
Updated: 2024-09-05T20:29:11.928Z
NVD
Status: Analyzed
Published: 2024-09-05T19:15:13.150
Modified: 2024-09-19T18:26:24.687
Link: CVE-2024-45159
Redhat
No data.