CyaSSL Server Certificate Spoofing Vulnerability
CVE-2014-2903 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
CyaSSL does not check the key usage extension in leaf certificates, which allows remote attackers to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake.
Learn more about our Cis Benchmark Audit For Server Software.