IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information.

IBM Corporation https://exchange.xforce.ibmcloud.com/vulnerabilities/257132

IBM Corporation CWE-203

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.

AND
     OR
          *cpe:2.3:a:ibm:cics_tx:10.1:*:*:*:advanced:*:*:*
          *cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*
     OR
          cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*
     OR
          cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:a:ibm:txseries_for_multiplatform:8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:ibm:txseries_for_multiplatform:9.1:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
          cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:a:ibm:txseries_for_multiplatform:8.2:*:*:*:*:*:*:*
     OR
          cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
          cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
          cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

NIST CWE-203

https://exchange.xforce.ibmcloud.com/vulnerabilities/257132 No Types Assigned

https://exchange.xforce.ibmcloud.com/vulnerabilities/257132 VDB Entry, Vendor Advisory

https://www.ibm.com/support/pages/node/7010369 No Types Assigned

https://www.ibm.com/support/pages/node/7010369 Vendor Advisory

https://www.ibm.com/support/pages/node/7022413 No Types Assigned

https://www.ibm.com/support/pages/node/7022413 Vendor Advisory

https://www.ibm.com/support/pages/node/7022414 No Types Assigned

https://www.ibm.com/support/pages/node/7022414 Vendor Advisory