X509 Certificate Verification Vulnerability in Randombit Botan Cryptographic Library

X509 Certificate Verification Vulnerability in Randombit Botan Cryptographic Library

CVE-2017-2801 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in order to trigger this vulnerability.

Learn more about our Cis Benchmark Audit For Server Software.