CVE-2016-6879

EUVD-2016-7764
The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Affected Products (NVD)
VendorProductVersion
botan_projectbotan
1.11.0
botan_projectbotan
1.11.1
botan_projectbotan
1.11.2
botan_projectbotan
1.11.3
botan_projectbotan
1.11.4
botan_projectbotan
1.11.5
botan_projectbotan
1.11.6
botan_projectbotan
1.11.7
botan_projectbotan
1.11.8
botan_projectbotan
1.11.9
botan_projectbotan
1.11.10
botan_projectbotan
1.11.11
botan_projectbotan
1.11.12
botan_projectbotan
1.11.13
botan_projectbotan
1.11.14
botan_projectbotan
1.11.15
botan_projectbotan
1.11.16
botan_projectbotan
1.11.17
botan_projectbotan
1.11.18
botan_projectbotan
1.11.19
botan_projectbotan
1.11.20
botan_projectbotan
1.11.21
botan_projectbotan
1.11.22
botan_projectbotan
1.11.23
botan_projectbotan
1.11.24
botan_projectbotan
1.11.25
botan_projectbotan
1.11.26
botan_projectbotan
1.11.27
botan_projectbotan
1.11.28
botan_projectbotan
1.11.29
botan_projectbotan
1.11.30
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
botan1.10
precise
not-affected
trusty
not-affected
xenial
not-affected
yakkety
not-affected
zesty
not-affected
botan1.8
precise
not-affected
trusty
dne
xenial
dne
yakkety
dne
zesty
dne
Common Weakness Enumeration
References
https://botan.randombit.net/security.html#id2
https://botan.randombit.net/security.html#id2