IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 255828.
2023-05-30T22:15:10.677
2024-11-21T08:03:09.113
Modified
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | http_server | < 8.5.5.24 | Yes |
| Application | ibm | http_server | < 9.0.5.16 | Yes |