CyaSSL does not check the key usage extension in leaf certificates, which allows remote malicious users to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wolfssl wolfssl |