Description

IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 255828.

Remediation

References

CVE-2023-32342

Related Vulnerabilities

WordPress Plugin Content Audit Multiple Vulnerabilities (1.9.1)

Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)

Jboss EAP Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-3859)

WordPress Plugin Structured Content (JSON-LD) #wpsc Cross-Site Scripting (1.5)

WordPress Plugin WPtouch Cross-Site Request Forgery (1.9.31)

Severity

High

Classification

CVE-2023-32342 CWE-203 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities