CVE-2024-0202

Name of the Vulnerable Software and Affected Versions cryptlib (affected versions not specified)

Description A security issue has been identified in the cryptlib cryptographic library when it is compiled with support for RSA key exchange ciphersuites in TLS. This makes it vulnerable to the timing variant of the Bleichenbacher attack. An attacker who can establish a large number of connections to the server can decrypt RSA ciphertexts or forge signatures using the server's certificate.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.