Description
In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client (when doing client authentication), which allows impersonation with certificates that are not meant for client authentication (because of KeyUsage and ExtendedKeyUsage).
Published: 2026-06-15
Score: 7.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

In OCaml‑TLS versions older than 2.1.0, the server does not properly enforce certificate usage limits when authenticating clients. This weakness permits an attacker to supply a certificate that is not intended for client authentication, such as one lacking the proper KeyUsage or ExtendedKeyUsage extensions. By doing so, the attacker can pose as a legitimate client to the server, potentially gaining unauthorized access to services and data protected by client TLS authentication, thereby compromising confidentiality and integrity.

Affected Systems

Any installation of the OCaml‑TLS library that performs client authentication and is running a version prior to 2.1.0. Users of the 1.x or 2.0.x series should verify their runtime environment is affected.

Risk and Exploitability

The CVSS score of 7.4 indicates medium‑to‑high severity, while the EPSS score of less than 1% shows the current likelihood of exploitation is low but not zero. The likely attack vector is from the network: an adversary that can initiate a TLS connection to the server can supply a client certificate that lacks proper KeyUsage or ExtendedKeyUsage extensions. The server accepts such certificates without enforcing usage limits, allowing the attacker to impersonate a legitimate client and access services protected by client authentication. Although the vulnerability is not listed in CISA’s KEV catalog, its potential impact warrants prompt attention.

Generated by OpenCVE AI on June 18, 2026 at 22:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the OCaml‑TLS library to version 2.1.0 or later where certificate usage checks are enforced.
  • If an upgrade is not immediately possible, implement additional server‑side logic to verify the KeyUsage and ExtendedKeyUsage extensions of client certificates, rejecting those not marked for client authentication.
  • Re‑configure TLS settings to disable or restrict client authentication until the library is updated or custom validation is in place.
  • Monitor authentication logs for unexpected client certificates and enforce strict certificate fingerprint checks as a temporary countermeasure.

Generated by OpenCVE AI on June 18, 2026 at 22:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Title Insufficient Client Certificate Validation in OCaml‑TLS Enables Client Impersonation
Weaknesses CWE-20 CWE-295
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

cvssV3_1

{'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 17 Jun 2026 05:15:00 +0000

Type Values Removed Values Added
Title Insufficient Client Certificate Validation in OCaml‑TLS Enables Client Impersonation
Weaknesses CWE-20

Tue, 16 Jun 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 16 Jun 2026 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Ocaml
Ocaml ocaml
Vendors & Products Ocaml
Ocaml ocaml

Mon, 15 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Description In OCaml-TLS before 2.1.0, the server implementation does insufficient checks of the certificate provided by the client (when doing client authentication), which allows impersonation with certificates that are not meant for client authentication (because of KeyUsage and ExtendedKeyUsage).
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-06-17T15:52:45.529Z

Reserved: 2026-05-12T00:00:00.000Z

Link: CVE-2026-45389

cve-icon Vulnrichment

Updated: 2026-06-16T13:56:38.346Z

cve-icon NVD

Status : Deferred

Published: 2026-06-15T20:16:28.470

Modified: 2026-06-16T15:35:16.600

Link: CVE-2026-45389

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T23:00:13Z

Weaknesses
  • CWE-295

    Improper Certificate Validation