cvedb.io
CVE-2017-14032
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2017-08-30T20:29:00.337 · Last modified 2026-06-17T01:05:28.520

Summary

ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected.

Affected products

arm — mbed_tls

Does this affect you?

Add your gear to cvedb and we'll alert you only when arm ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.