CVE-2024-21671
LOWDescription
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches this vulnerability.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| vantage6 | vantage6 |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-21671? +
How severe is CVE-2024-21671? +
What products are affected by CVE-2024-21671? +
How do I check if I'm vulnerable to CVE-2024-21671? +
Related Vulnerabilities
SCRAM (Salted Challenge Response Authentication Mechanism) is part of the family of Simple Authentication and Security Layer (SASL, RFC 4422) …
An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash …
Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to …
Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows …
Quiet is an alternative to team chat apps like Slack, Discord, and Element that does not require trusting a central …
An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash …