Lucene search

K
nvd[email protected]NVD:CVE-2007-3108
HistoryAug 08, 2007 - 1:17 a.m.

CVE-2007-3108

2007-08-0801:17:00
web.nvd.nist.gov
5

CVSS2

1.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

0

Percentile

15.7%

The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.

Affected configurations

Nvd
Node
opensslopensslRange0.9.8e

References

CVSS2

1.2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

AI Score

5.8

Confidence

Low

EPSS

0

Percentile

15.7%