Vulnerabilities > CVE-2017-5681 - Unspecified vulnerability in Intel Quickassist Technology Engine 0.5.18

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

intel

NVD

Published: 2017-03-07

Updated: 2019-10-03

Summary

The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.

Vulnerable Configurations

Part	Description	Count
Application	Intel Intel Quickassist Technology Engine 0.5.18	1

References

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00071&languageid=en-fr