// For flags

CVE-2024-34702

Botan has a Denial of Service Due to Excessive Name Constraints

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.

Botan es una librería de criptografía C++. Los certificados X.509 pueden identificar curvas elípticas utilizando un identificador de objeto o una codificación explícita de los parámetros. Antes de 3.5.0 y 2.19.5, la verificación de las restricciones de nombres en los certificados X.509 era cuadrática en el número de nombres y restricciones de nombres. Un atacante que presentara una cadena de certificados que contuviera una gran cantidad de nombres en el SubjectAlternativeName, firmado por un certificado de CA que contuviera una gran cantidad de restricciones de nombres, podría provocar una denegación de servicio. El problema se solucionó en Botan 3.5.0 y también se aplicó un backport parcial que se incluye en Botan 2.19.5.

It was discovered that Botan could have compiler dependent operations induced under certain circumstances. An attacker could possibly use this issue to cause undefined behavior. Bing Shi discovered that Botan did not limit the size of certain inputs when checking primality and name constraints. An attacker could possibly use this issue to cause a denial of service.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
None
Automatable
Yes
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-05-07 CVE Reserved
  • 2024-07-08 CVE Published
  • 2024-08-02 CVE Updated
  • 2025-06-26 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-405: Asymmetric Resource Consumption (Amplification)
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Randombit
Search vendor "Randombit"
 Botan
Search vendor "Randombit" for product "Botan"
 < 2.19.5
Search vendor "Randombit" for product "Botan" and version " < 2.19.5"
en
Affected
Randombit
Search vendor "Randombit"
 Botan
Search vendor "Randombit" for product "Botan"
 >= 3.0.0 < 3.5.0
Search vendor "Randombit" for product "Botan" and version " >= 3.0.0 < 3.5.0"
en
Affected