CVE-2016-6879

Опубликовано: 10 апр. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.

Ссылки

https://botan.randombit.net/security.html#id2
Third Party Advisory
https://botan.randombit.net/security.html#id2
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.27:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.28:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.29:*:*:*:*:*:*:*

cpe:2.3:a:botan_project:botan:1.11.30:*:*:*:*:*:*:*

EPSS

Процентиль: 40%

0.00185

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-320

Связанные уязвимости

CVE-2016-6879

CVSS3: 7.5

ubuntu

почти 9 лет назад

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.

CVE-2016-6879

CVSS3: 7.5

debian

почти 9 лет назад

The X509_Certificate::allowed_usage function in botan 1.11.x before 1. ...

GHSA-7rqp-c4g7-r3f5

CVSS3: 7.5

github

больше 3 лет назад

The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.

EPSS

Процентиль: 40%

0.00185

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-320