CVE-2023-33855
CVSS 3.1 Score 3.7 of 10 (low)
Details
Published Mar 26, 2024
CWE ID 385
Summary
CVE-2023-33855 refers to a vulnerability in IBM Common Cryptographic Architecture (CCA) versions 7.0.0 through 7.5.36. Under specific conditions, RSA operations show non-constant-time behavior, making them susceptible to timing-based attacks. An attacker can exploit this weakness remotely and potentially gain access to sensitive information. IBM's X-Force has assigned ID 257676 to this security issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share