← Zuruck zu CVEs

CVE-2020-20950

MEDIUM

5.9

Beschreibung

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure.

CVE Details

CVSS v3.1 Bewertung5.9

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AngriffsvektorNETWORK

KomplexitatHIGH

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht1/19/2021

Zuletzt geandert11/21/2024

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

apple:macosietf:public_key_cryptography_standards_\#1linux:linux_kernelmicrochip:microchip_libraries_for_applicationsmicrosoft:windows

Schwachen (CWE)

CWE-327

Referenzen

http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf(cve@mitre.org)

http://microchip.com(cve@mitre.org)

https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb(cve@mitre.org)

https://www.microchip.com/mplab/microchip-libraries-for-applications(cve@mitre.org)

http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf(af854a3a-2127-422b-91ae-364da2661108)

http://microchip.com(af854a3a-2127-422b-91ae-364da2661108)

https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb(af854a3a-2127-422b-91ae-364da2661108)

https://www.microchip.com/mplab/microchip-libraries-for-applications(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.