Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-5814

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500

Published

2024-08-27T19:15:17.980

Last Modified

2025-12-06T00:54:13.963

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-284

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	wolfssl	wolfssl	≤ 5.7.0	Yes

References

https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#add_later Release Notes ([email protected])