CVE-2023-33855
LOWDescription
Under certain conditions, RSA operations performed by IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 may exhibit non-constant-time behavior. This could allow a remote attacker to obtain sensitive information using a timing-based attack. IBM X-Force ID: 257676.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ibm | common_cryptographic_architecture |
| ibm | aix |
| ibm | i |
| linux | linux_kernel |
References
Frequently Asked Questions
What is CVE-2023-33855? +
How severe is CVE-2023-33855? +
What products are affected by CVE-2023-33855? +
How do I check if I'm vulnerable to CVE-2023-33855? +
Related Vulnerabilities
SCRAM (Salted Challenge Response Authentication Mechanism) is part of the family of Simple Authentication and Security Layer (SASL, RFC 4422) …
Non constant time cryptographic operation in Devolutions.XTS.NET 2024.11.19 and earlier allows an attacker to render half of the encryption key …
Post-Quantum Secure Feldman's Verifiable Secret Sharing provides a Python implementation of Feldman's Verifiable Secret Sharing (VSS) scheme. In versions 0.8.0b2 …
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, …
vLLM is an inference and serving engine for large language models (LLMs). Before version 0.11.0rc2, the API key support in …
Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are …