CVE-2014-9742

Published: May 13, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The Miller-Rabin primality check in Botan before 1.10.8 and 1.11.x before 1.11.9 improperly uses a single random base, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a DH group.

Affected (10)

Products: Botan Project: Botan

Botan Project

1 product

Botan

Configuration A

10 vulnerable

Vulnerable Software	Affected Versions
Botan Project Botan	Up to 1.10.7
Botan Project Botan	Version 1.11.0
Botan Project Botan	Version 1.11.1
Botan Project Botan	Version 1.11.2
Botan Project Botan	Version 1.11.3
Botan Project Botan	Version 1.11.4
Botan Project Botan	Version 1.11.5
Botan Project Botan	Version 1.11.6
Botan Project Botan	Version 1.11.7
Botan Project Botan	Version 1.11.8

Related CWEs

CWE-310

References (4)

http://botan.randombit.net/security.html

Source: cve@mitre.org

Vendor Advisory

http://marc.info/?l=botan-devel&m=139717503205066&w=2

Source: cve@mitre.org

Vendor Advisory

http://botan.randombit.net/security.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://marc.info/?l=botan-devel&m=139717503205066&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.