Vulnerabilities > CVE-2023-5981 - Information Exposure Through Discrepancy vulnerability in multiple products

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
high complexity
gnu
redhat
fedoraproject
CWE-203
NVD
Published: 2023-11-28
Updated: 2024-11-21

Summary

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

Vulnerable Configurations

Part Description Count
Application
Gnu
1
OS
Redhat
2
OS
Fedoraproject
2

Common Weakness Enumeration (CWE)

References