CVE-2023-33850

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 22, 2023

Updated: Aug 28, 2023

CWE ID 203

Summary

CVE-2023-33850 is a vulnerability affecting IBM GSKit-Crypto's RSA Decryption implementation. This issue allows a remote attacker to potentially obtain sensitive information through a timing-based side channel attack. By sending an excessive number of decryption requests, an attacker can exploit this vulnerability, extracting valuable data from the system. IBM's X-Force has assigned the ID 257132 to this security concern.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sOHYhl
https://www.cve.org/CVERecord?id=CVE-2023-33850
https://nvd.nist.gov/vuln/detail/CVE-2023-33850

Back to Vulnerability Database

CVE-2023-33850

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations