Authentication Bypass Vulnerability in x509_verify.c

Authentication Bypass Vulnerability in x509_verify.c

CVE-2021-46880 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

x509/x509_verify.c in LibreSSL before 3.4.2, and OpenBSD before 7.0 errata 006, allows authentication bypass because an error for an unverified certificate chain is sometimes discarded.

Learn more about our Web Application Penetration Testing UK.