Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-1672

Опубликовано: 11 июл. 2023
Источник: nvd
CVSS3: 5.3
EPSS Низкий

Описание

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:tang_project:tang:*:*:*:*:*:*:*:*
Версия до 14 (исключая)
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 6%
0.00028
Низкий

5.3 Medium

CVSS3

Дефекты

CWE-362
CWE-362

Связанные уязвимости

ubuntu логотип

CVE-2023-1672

CVSS3: 5.3
ubuntu
около 2 лет назад

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

redhat логотип

CVE-2023-1672

CVSS3: 5.3
redhat
около 2 лет назад

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

debian логотип

CVE-2023-1672

CVSS3: 5.3
debian
около 2 лет назад

A race condition exists in the Tang server functionality for key gener ...

github логотип

GHSA-9wgp-4vcq-75qr

CVSS3: 5.3
github
около 2 лет назад

A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.

oracle-oval логотип

ELSA-2023-7022

oracle-oval
почти 2 года назад

ELSA-2023-7022: tang security and bug fix update (MODERATE)

EPSS

Процентиль: 6%
0.00028
Низкий

5.3 Medium

CVSS3

Дефекты

CWE-362
CWE-362