CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-14 23:28:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
8e2ebbf9bd04edab52d0cbcbc6c2f6e2cfdaa67d
CVEs-PoC/2024/CVE-2024-5814.md
T
0xMarcio 6a17b5b11e Update CVE sources 2024-08-30 20:52
2024-08-30 20:52:42 +00:00

820 B
Raw Blame History

CVE-2024-5814

Description

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. https://doi.org/10.46586/tches.v2024.i1.457-500

POC

Reference

No PoCs from references.

Github

Reference in New Issue View Git Blame Copy Permalink