← العودة للجدول
CVE-2014-2897
CVE-2014-2897 — The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check
📅 2020-01-28
🔴 Critical 🔥 No NVD Exploit Vulnerability CVSS 9.8

📋 الوصف الكامل

The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read.

💻 الأنظمة المتأثرة

The SSL 3

⚠️ نوع التهديد

Exploit

🔗 CVE ID

CVE-2014-2897

📡 المصدر

NVD

✅ الحلول والتخفيف

Refer to CVE-2014-2897 NVD advisory

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ←