VYPR
Unrated severityNVD Advisory· Published Jun 20, 2012· Updated Jun 16, 2026

CVE-2011-1923

CVE-2011-1923

Description

The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL before 0.14.2 does not properly validate a public parameter, which makes it easier for man-in-the-middle attackers to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011-5095.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • Polarssl/Polarssl9 versions
    cpe:2.3:a:polarssl:polarssl:*:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:polarssl:polarssl:*:*:*:*:*:*:*:*range: <=0.14.0
    • cpe:2.3:a:polarssl:polarssl:0.10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:0.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:0.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:0.11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:0.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:0.12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:0.13.1:*:*:*:*:*:*:*
    • (no CPE)range: <0.14.2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.