CVE-2018-1388

Опубликовано: 07 фев. 2018

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

GSKit V7 may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding. IBM X-Force ID: 138212.

Ссылки

http://www.ibm.com/support/docview.wss?uid=swg22013022
Mitigation
Vendor Advisory
http://www.securityfocus.com/bid/103698
https://exchange.xforce.ibmcloud.com/vulnerabilities/138212
VDB Entry
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg22013022
Mitigation
Vendor Advisory
http://www.securityfocus.com/bid/103698
https://exchange.xforce.ibmcloud.com/vulnerabilities/138212
VDB Entry
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_mq:7.0.1.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.2:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.3:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.4:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.5:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.6:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.7:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.8:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.9:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.10:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.11:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.12:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.13:*:*:*:*:*:*:*

cpe:2.3:a:ibm:websphere_mq:7.0.1.14:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00312

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-7mgx-r937-8jf6