4.3

CVE-2013-5915

The RSA-CRT implementation in PolarSSL before 1.2.9 does not properly perform Montgomery multiplication, which might allow remote attackers to conduct a timing side-channel attack and retrieve RSA private keys.

Data is provided by the National Vulnerability Database (NVD)
PolarsslPolarssl Version <= 1.2.8
PolarsslPolarssl Version0.10.0
PolarsslPolarssl Version0.10.1
PolarsslPolarssl Version0.11.0
PolarsslPolarssl Version0.11.1
PolarsslPolarssl Version0.12.0
PolarsslPolarssl Version0.12.1
PolarsslPolarssl Version0.13.1
PolarsslPolarssl Version0.14.0
PolarsslPolarssl Version0.14.2
PolarsslPolarssl Version0.14.3
PolarsslPolarssl Version0.99 Updatepre1
PolarsslPolarssl Version0.99 Updatepre3
PolarsslPolarssl Version0.99 Updatepre4
PolarsslPolarssl Version0.99 Updatepre5
PolarsslPolarssl Version1.0.0
PolarsslPolarssl Version1.1.0
PolarsslPolarssl Version1.1.0 Updaterc0
PolarsslPolarssl Version1.1.0 Updaterc1
PolarsslPolarssl Version1.1.1
PolarsslPolarssl Version1.1.2
PolarsslPolarssl Version1.1.3
PolarsslPolarssl Version1.1.4
PolarsslPolarssl Version1.1.5
PolarsslPolarssl Version1.1.6
PolarsslPolarssl Version1.1.8
PolarsslPolarssl Version1.2.0
PolarsslPolarssl Version1.2.1
PolarsslPolarssl Version1.2.2
PolarsslPolarssl Version1.2.3
PolarsslPolarssl Version1.2.4
PolarsslPolarssl Version1.2.5
PolarsslPolarssl Version1.2.6
PolarsslPolarssl Version1.2.7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.69% 0.694
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N