Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2024-45157

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.4%
CVSS Severity
CVSS v3 Score 5.1
Products affected by CVE-2024-45157
  • Arm » Mbed Tls » Version: 2.26.0
    cpe:2.3:a:arm:mbed_tls:2.26.0
  • Arm » Mbed Tls » Version: 2.27.0
    cpe:2.3:a:arm:mbed_tls:2.27.0
  • Arm » Mbed Tls » Version: 2.28.0
    cpe:2.3:a:arm:mbed_tls:2.28.0
  • Arm » Mbed Tls » Version: 2.28.1
    cpe:2.3:a:arm:mbed_tls:2.28.1
  • Arm » Mbed Tls » Version: 2.28.2
    cpe:2.3:a:arm:mbed_tls:2.28.2
  • Arm » Mbed Tls » Version: 2.28.3
    cpe:2.3:a:arm:mbed_tls:2.28.3
  • Arm » Mbed Tls » Version: 2.28.4
    cpe:2.3:a:arm:mbed_tls:2.28.4
  • Arm » Mbed Tls » Version: 2.28.5
    cpe:2.3:a:arm:mbed_tls:2.28.5
  • Arm » Mbed Tls » Version: 2.28.6
    cpe:2.3:a:arm:mbed_tls:2.28.6
  • Arm » Mbed Tls » Version: 2.28.7
    cpe:2.3:a:arm:mbed_tls:2.28.7
  • Arm » Mbed Tls » Version: 2.28.8
    cpe:2.3:a:arm:mbed_tls:2.28.8
  • Arm » Mbed Tls » Version: 3.2.0
    cpe:2.3:a:arm:mbed_tls:3.2.0
  • Arm » Mbed Tls » Version: 3.2.1
    cpe:2.3:a:arm:mbed_tls:3.2.1
  • Arm » Mbed Tls » Version: 3.3.0
    cpe:2.3:a:arm:mbed_tls:3.3.0
  • Arm » Mbed Tls » Version: 3.4.0
    cpe:2.3:a:arm:mbed_tls:3.4.0
  • Arm » Mbed Tls » Version: 3.4.1
    cpe:2.3:a:arm:mbed_tls:3.4.1
  • Arm » Mbed Tls » Version: 3.5.0
    cpe:2.3:a:arm:mbed_tls:3.5.0
  • Arm » Mbed Tls » Version: 3.5.1
    cpe:2.3:a:arm:mbed_tls:3.5.1
  • Arm » Mbed Tls » Version: 3.5.2
    cpe:2.3:a:arm:mbed_tls:3.5.2
  • Arm » Mbed Tls » Version: 3.6.0
    cpe:2.3:a:arm:mbed_tls:3.6.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved