CVE-2023-50979

Published: Dic 18, 2023 Last Modified: Nov 21, 2024

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,9

Source: [email protected]

Attack Vector: network

Attack Complexity: high

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: none

Availability: none

Description

AI Translation Available

Crypto++ (aka cryptopp) through 8.9.0 has a Marvin side channel during decryption with PKCS#1 v1.5 padding.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0008

Percentile

0,2th

Updated

EPSS Score Trend (Last 90 Days)

203

Observable Discrepancy

Incomplete

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Access Control

Potential Impacts:

Read Application Data Bypass Protection Mechanism

Applicable Platforms

All platforms may be affected

View CWE Details

Application

Crypto\+\+ by Cryptopp

Product Information

Vendor Cryptopp

Product Crypto\+\+

Version Range Affected

To 8.9.0 (inclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:cryptopp:crypto\+\+:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://github.com/weidai11/cryptopp/issues/1247

Exploit

https://github.com/weidai11/cryptopp/issues/1247

Exploit

https://github.com/weidai11/cryptopp/issues/1247

CVE-2023-50979

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Observable Discrepancy

Common Consequences

Applicable Platforms

Crypto\+\+ by Cryptopp

Product Information

Iscriviti alla newsletter