Описание
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Ссылки
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
Одно из
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive inform ...
Arm Mbed TLS before 2.6.15 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Уязвимость реализации протоколов TLS и SSL программного обеспечения Mbed TLS, связанная с непринятием мер по шифрованию защищаемых данных, позволяющая нарушителю раскрыть закрытый ключ RSA
EPSS
5.9 Medium
CVSS3
4.3 Medium
CVSS2