OpenSSL CVE-2015-1793 Certificate Verification Security Bypass Vulnerability

OpenSSL is prone to a security-bypass vulnerability because the application fails to properly verify SSL, TLS, and DTLS certificates.

Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions. This may aid in further attacks.

OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n, and 1.0.1o are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus