CVE-2017-18187 - CVE Vulnerability

In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. (CVSS:0.0) (Last Update:2018-02-14)

Vulnerability Details : In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. Publish Date : 2018-02-14 Last Update Date : 2018-02-14 - CVSS Scores & Vulnerability Types CVSS Score 0.0 Confidentiality Impact ??? Integrity Impact ??? Availability Impact ??? Access Complexity ??? Authentication ??? Gained Access None Vulnerability Type(s) OverflowBypass a restriction or similar CWE ID CWE id is not defined for this vulnerability - Products Affected By CVE-2017-18187 # Product Type Vendor Product Version Update Edition Language No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days. - References For CVE-2017-18187 https://github.com/ARMmbed/mbedtls/blob/master/ChangeLog CONFIRM https://github.com/ARMmbed/mbedtls/commit/83c9f495ffe70c7dd280b41fdfd4881485a3bc28 CONFIRM

- Metasploit Modules Related To CVE-2017-18187 There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)