PT-2017-16667 · Openssl+1 · Openssl+1

Publicado

2017-03-07

Atualizado

2019-10-03

CVE-2017-5681

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 0.5.19

Description The issue concerns the RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL, which may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.

Recommendations For versions prior to 0.5.19, update to version 0.5.19 or later to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2017-5681

Produtos afetados

Intel Quickassist Technology (Qat) Engine

Openssl

PT-2017-16667 · Openssl+1 · Openssl+1

CVE-2017-5681

Identificadores relacionados

Produtos afetados

Referências · 3