Lucene search

K
opensslOpenSSLOPENSSL:CVE-2023-6129
HistoryJan 09, 2024 - 12:00 a.m.

Vulnerability in OpenSSL CVE-2023-6129

2024-01-0900:00:00
www.openssl.org
37
openssl
vulnerability
poly1305
mac
powerpc
cpu

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

52.7%

Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions.

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

52.7%