Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-22340

IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack.

Published

2025-03-11T01:15:33.257

Last Modified

2025-07-25T18:12:00.233

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses

Type: Primary
CWE-208

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	common_cryptographic_architecture	< 7.5.52	Yes
Operating System	ibm	aix	-	No
Operating System	ibm	i	-	No
Operating System	linux	linux_kernel	-	No

References

https://www.ibm.com/support/pages/node/7185282 Vendor Advisory ([email protected])