PT-2019-6690 · Openssl · Openssl
Jan Lieskovsky
·
Published
2019-11-26
·
Updated
2020-04-30
·
CVE-2011-4121
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03
Description
The issue allows a remote attacker to bypass or corrupt the integrity of services that rely on strong private RSA key generation mechanisms, due to the generation of an exponent value of '1' for private RSA key generation.
Recommendations
For versions after 2011-09-01 up to 2011-11-03, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Inadequate Encryption Strength
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openssl