Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2023-5981

UNKNOWN
Published 2023-11-28T11:49:50.138Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2023-5981. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
5.9
/10
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01
0.002
probability
of exploitation in the wild

There is a 0.2% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25
Exploit Probability
Percentile: 0.528
Higher than 52.8% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Description

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Red Hat

Red Hat Enterprise Linux 8

Affected Versions:

0:3.6.16-8.el8_9
Red Hat

Red Hat Enterprise Linux 8

Affected Versions:

0:3.6.16-8.el8_9
Red Hat

Red Hat Enterprise Linux 8.6 Extended Update Support

Affected Versions:

0:3.6.16-5.el8_6.2
Red Hat

Red Hat Enterprise Linux 8.8 Extended Update Support

Affected Versions:

0:3.6.16-7.el8_8.1
Red Hat

Red Hat Enterprise Linux 9

Affected Versions:

0:3.7.6-23.el9_3.3
Red Hat

Red Hat Enterprise Linux 9

Affected Versions:

0:3.7.6-23.el9_3.3
Red Hat

Red Hat Enterprise Linux 9.2 Extended Update Support

Affected Versions:

0:3.7.6-21.el9_2.1
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-37
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-68
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-158
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-39
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-58
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-158
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-13
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-81
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-158
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-79
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-22
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-57
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-6
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-158
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-15
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-15
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-54
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-158
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-10
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-26
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-158
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-19
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-158
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-158
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-21
Red Hat

RHODF-4.15-RHEL-9

Affected Versions:

v4.15.0-103
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.6-22
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.6-11
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v6.8.1-407
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.6-19
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v1.0.0-479
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.6-7
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v0.4.0-247
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.6-5
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v1.1.0-227
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.1-470
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v2.9.6-14
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.6-2
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.6-24
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v5.8.6-10
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v0.1.0-525
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v0.1.0-224
Red Hat

RHOL-5.8-RHEL-9

Affected Versions:

v0.28.1-56
Red Hat

Red Hat Enterprise Linux 6

Red Hat

Red Hat Enterprise Linux 7

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-jvj3-gqjm-cg8p

Advisory Details

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2023-5981
WEB https://access.redhat.com/errata/RHSA-2024:0155
WEB https://access.redhat.com/errata/RHSA-2024:0319
WEB https://access.redhat.com/errata/RHSA-2024:0399
WEB https://access.redhat.com/errata/RHSA-2024:0451
WEB https://access.redhat.com/errata/RHSA-2024:0533
WEB https://access.redhat.com/errata/RHSA-2024:1383
WEB https://access.redhat.com/errata/RHSA-2024:2094
WEB https://access.redhat.com/security/cve/CVE-2023-5981
WEB https://bugzilla.redhat.com/show_bug.cgi?id=2248445
WEB https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV
WEB https://lists.fedoraproject.org/archives/list/[email protected]/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2
WEB http://www.openwall.com/lists/oss-security/2024/01/19/3

Advisory provided by GitHub Security Advisory Database. Published: November 28, 2023, Modified: July 8, 2024

References

https://access.redhat.com/errata/RHSA-2024:0155
https://access.redhat.com/errata/RHSA-2024:0319
https://access.redhat.com/errata/RHSA-2024:0399
https://access.redhat.com/errata/RHSA-2024:0451
https://access.redhat.com/errata/RHSA-2024:0533
https://access.redhat.com/errata/RHSA-2024:1383
https://access.redhat.com/errata/RHSA-2024:2094
https://access.redhat.com/security/cve/CVE-2023-5981
https://bugzilla.redhat.com/show_bug.cgi?id=2248445
https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23
Published: 2023-11-28T11:49:50.138Z
Last Modified: 2024-11-23T00:09:08.520Z
Copied to clipboard!