Intrusion Prevention



This indicates an attack attempt to exploit a Security Bypass vulnerability in GnuTLS
Incorrect certificate signature checks in GnuTLS allows an attacker to impersonate as the real server in a SSL protected communication. An attacker could impersonate as a legitimate server with a specially crafted certificate. This can result in a MITM attack.

Affected Products

Up to GnuTLS 3.1.22 and 3.2.12


Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

Recommended Actions

Update GnuTLS to 3.1.23 and 3.2.x before 3.2.12

CVE References