Shodan
Vulnerabilities
Vulnerable Software
Wolfssl:  >> Wolfssl  >> 5.0.0  Security Vulnerabilities
CVE-2022-23408
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects connections (without AEAD) using AES-CBC or DES3 with TLS 1.1 or 1.2 or DTLS 1.1 or 1.2. This occurs because of misplaced memory initialization in BuildMessage in internal.c.
CVSS Score
9.1
EPSS Score
0.003
Published
2022-01-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved