The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
References
Configurations
History
No history.
Information
Published : 2018-01-08 19:29
Updated : 2024-11-21 02:27
NVD link : CVE-2015-2318
Mitre link : CVE-2015-2318
CVE.ORG link : CVE-2015-2318
JSON object : View
Products Affected
debian
- debian_linux
mono-project
- mono
CWE
CWE-295
Improper Certificate Validation