Lucene search

Improper certificate management in AWS IoT Device SDK v2

🗓️ 24 Nov 2021 21:16:11Reported by GitHub Advisory DatabaseType

Improper certificate management in AWS IoT Device SD

Reporter	Title	Published	Views	Family All 10
OSV	CVE-2021-40829	23 Nov 202100:15	–	osv
OSV	Improper certificate management in AWS IoT Device SDK v2	24 Nov 202121:11	–	osv
OSV	PYSEC-2021-862	23 Nov 202100:15	–	osv
Veracode	Insecure Certificate Validation	24 Nov 202104:20	–	veracode
Prion	Code injection	23 Nov 202100:15	–	prion
Cvelist	CVE-2021-40829 TLS hostname validation issues within AWS IoT Device SDKs on macOS	22 Nov 202123:41	–	cvelist
NVD	CVE-2021-40829	23 Nov 202100:15	–	nvd
GitLab Advisory Database	Improper Certificate Validation	23 Nov 202100:00	–	gitlab
UbuntuCve	CVE-2021-40829	23 Nov 202100:00	–	ubuntucve
CVE	CVE-2021-40829	23 Nov 202100:15	–	cve

Vulners

Node

awsiotsdkRange<1.6.1

aws\-iot\-device\-sdk\-v2Range<1.5.3

software.amazon.awssdk.iotdevicesdk aws\-iot\-device\-sdkRange<1.4.2

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-40829
github	www.github.com/aws/aws-iot-device-sdk-java-v2/commits/v1.4.2
github	www.github.com/aws/aws-iot-device-sdk-cpp-v2
github	www.github.com/aws/aws-iot-device-sdk-java-v2
github	www.github.com/aws/aws-iot-device-sdk-js-v2
github	www.github.com/aws/aws-iot-device-sdk-python-v2
github	www.github.com/advisories/GHSA-743r-5g92-5vgf
github	www.github.com/awslabs/aws-c-io
github	www.github.com/pypa/advisory-database/tree/main/vulns/awsiotsdk/PYSEC-2021-862.yaml

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Nov 2021 21:11Current

3.7Low risk

Vulners AI Score3.7

CVSS25.8

CVSS36.3 - 8.8

EPSS0.00109

CWE-295