tls-extra: certificate validation does not check Basic Constraints
tls-extra does not check the Basic Constraints extension of a certificate during certificate chain processing: because the cA flag is never consulted, every certificate in the chain is treated as a CA certificate. As a consequence, anyone who holds a valid certificate can use its key to sign another certificate (with an arbitrary subject DN/domain name embedded in it) and have that certificate accepted by the tls package. This allows MITM attacks on TLS connections.
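The following Go program is an added illustration of the flaw class, not hs-tls code and not part of the advisory. Using Go's standard crypto/x509 it constructs a three-certificate chain (names "Demo Root CA", "www.example.com" and "bank.example", all made up here): a root CA, a genuine end-entity certificate with cA=FALSE, and a certificate for a different name signed by that end-entity's key. `naiveChainAccepted` walks the chain checking only signatures, which is the behaviour the advisory describes; `validateChain` adds the Basic Constraints check (cA flag and pathLenConstraint) that a chain validator must perform before a signer's signature is allowed to count. All function names are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// makeCert issues a certificate for cn whose Basic Constraints extension carries
// the given cA flag. Self-signed when parent is nil; otherwise parentKey signs it,
// and nothing here requires parent to be a CA (that is the validator's job).
func makeCert(serial int64, cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, // always emit the extension, with cA set explicitly
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// buildDemoPKI returns constructed test chains, leaf first and trusted root last:
// genuine = www.example.com <- root; forged = bank.example <- www.example.com <- root.
func buildDemoPKI() (genuine, forged []*x509.Certificate, err error) {
	root, rootKey, err := makeCert(1, "Demo Root CA", true, nil, nil)
	if err != nil {
		return nil, nil, err
	}
	victim, victimKey, err := makeCert(2, "www.example.com", false, root, rootKey)
	if err != nil {
		return nil, nil, err
	}
	// The end-entity key (cA=FALSE) signs a certificate for an unrelated name.
	bogus, _, err := makeCert(3, "bank.example", false, victim, victimKey)
	return []*x509.Certificate{victim, root}, []*x509.Certificate{bogus, victim, root}, err
}

// naiveChainAccepted reproduces the advisory's flaw: every link is checked only
// cryptographically, so any key that ever received a certificate can issue more.
func naiveChainAccepted(chain []*x509.Certificate) bool {
	for i := 0; i+1 < len(chain); i++ {
		c, issuer := chain[i], chain[i+1]
		if issuer.CheckSignature(c.SignatureAlgorithm, c.RawTBSCertificate, c.Signature) != nil {
			return false
		}
	}
	return true
}

// validateChain adds the missing step (RFC 5280, 4.2.1.9): a signer must carry
// Basic Constraints with cA=TRUE, and its pathLenConstraint must allow the number
// of intermediates below it, before its signature counts for anything.
func validateChain(chain []*x509.Certificate) error {
	for i := 0; i+1 < len(chain); i++ {
		c, issuer := chain[i], chain[i+1]
		if !issuer.BasicConstraintsValid || !issuer.IsCA {
			return fmt.Errorf("%q is not a CA (Basic Constraints cA absent or false)", issuer.Subject.CommonName)
		}
		// Go reports "no pathLenConstraint" as MaxPathLen -1, or as 0 with MaxPathLenZero unset.
		if pl := issuer.MaxPathLen; (pl > 0 || issuer.MaxPathLenZero) && i > pl {
			return fmt.Errorf("%q: pathLenConstraint %d exceeded", issuer.Subject.CommonName, pl)
		}
		// CheckSignatureFrom re-checks cA and keyCertSign, then verifies the signature.
		if err := c.CheckSignatureFrom(issuer); err != nil {
			return fmt.Errorf("%q signed by %q: %w", c.Subject.CommonName, issuer.Subject.CommonName, err)
		}
	}
	return nil
}

func main() {
	genuine, forged, err := buildDemoPKI()
	if err != nil {
		panic(err)
	}
	fmt.Println("naive walk accepts forged chain:", naiveChainAccepted(forged)) // true
	fmt.Println("fixed check on forged chain:", validateChain(forged))         // non-nil error
	fmt.Println("fixed check on genuine chain:", validateChain(genuine))       // <nil>
}
```

Run it with `go run .`. Note that Go's own `CheckSignatureFrom` and `Certificate.Verify` already refuse a signer whose Basic Constraints do not assert cA, which is why the flawed walk has to reach past them and call `CheckSignature` on the raw TBS bytes; a validator that stops at "the signature is cryptographically valid" is exactly the one this advisory describes.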
Info
- Published: July 19, 2023
- Modified: July 19, 2023
- CAPECs: < none >
- CWEs: 295
- Keywords: x509, pki, mitm, historical
- Aliases: CVE-2013-0243
- Related: < none >
- References
  - [DISCUSSION] https://www.openwall.com/lists/oss-security/2013/01/30/6
  - [REPORT] https://github.com/haskell-tls/hs-tls/issues/29
  - [FIX] https://github.com/haskell-tls/hs-tls/commit/15885c0649ceabd2f4d2913df8ac6dc63d6b3b37
Affected
tls-extra
- CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Versions: >=0.1.0 && <0.4.6.1
- Declarations: < none >