An issue exists in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote malicious users to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited by RFC 6347. This vulnerability allows remote malicious users to obtain sensitive application data of connected clients.
Vulnerable Product |
---|
contiki-ng tinydtls 2018-08-30 |
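The RFC 6347 rule cited above can be enforced on the server side by keeping retired epochs in quarantine for two maximum segment lifetimes. The following is an added example, not tinyDTLS code: the structures, function names and table size are hypothetical, and it assumes an MSL of 120 seconds and a monotonic clock in seconds.

```c
#include <stdint.h>
#include <stdio.h>

#define MSL_SECONDS      120u                /* assumption: the 2-minute MSL from RFC 793 */
#define EPOCH_QUARANTINE (2u * MSL_SECONDS)  /* "two times the TCP maximum segment lifetime" */
#define MAX_RETIRED      8                   /* hypothetical table size per peer */

/* Hypothetical per-peer table of recently retired epochs (not a tinyDTLS structure). */
struct retired_epoch { uint16_t epoch; uint64_t retired_at; int used; };
struct peer_epochs   { struct retired_epoch slot[MAX_RETIRED]; };

/* Record that 'epoch' went out of use at 'now' (seconds, monotonic clock).
 * Returns 0 on success, -1 if every slot still holds a quarantined epoch. */
int epoch_retire(struct peer_epochs *p, uint16_t epoch, uint64_t now) {
    int pick = -1;
    for (int i = 0; i < MAX_RETIRED; i++) {
        struct retired_epoch *s = &p->slot[i];
        if (s->used && s->epoch == epoch) { pick = i; break; }
        if (pick < 0 && (!s->used || now - s->retired_at >= EPOCH_QUARANTINE))
            pick = i;   /* a free or expired slot can be recycled */
    }
    if (pick < 0) return -1;   /* fail closed: caller should refuse the new handshake */
    p->slot[pick] = (struct retired_epoch){ epoch, now, 1 };
    return 0;
}

/* Returns 1 if 'epoch' may be assigned to a new cipher state at 'now', else 0. */
int epoch_allowed(const struct peer_epochs *p, uint16_t epoch, uint64_t now) {
    for (int i = 0; i < MAX_RETIRED; i++) {
        const struct retired_epoch *s = &p->slot[i];
        if (s->used && s->epoch == epoch && now - s->retired_at < EPOCH_QUARANTINE)
            return 0;
    }
    return 1;
}

/* Constructed scenario: epoch 1 is retired at t=1000 s, then requested again 'delay' s later. */
int demo_reuse_check(uint64_t delay) {
    struct peer_epochs peer = {0};
    epoch_retire(&peer, 1, 1000);
    return epoch_allowed(&peer, 1, 1000 + delay);
}

int main(void) {
    printf("reuse after 10 s: %d\n", demo_reuse_check(10));
    printf("reuse after 240 s: %d\n", demo_reuse_check(240));
    return 0;
}
```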