Lucene search

K
redhatcveRedhat.comRH:CVE-2024-26306
HistoryMay 15, 2024 - 4:28 a.m.

CVE-2024-26306

2024-05-1504:28:09
redhat.com
access.redhat.com
8
cve-2024-26306
timing-based side-channel
iperf3
rsa private key
user authentication
api
red hat
product security
mitigation
deployment
stability

7 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

A timing-based side-channel flaw was found in iperf3. If the iperf3 server is running with the --rsa-private-key-path option, the user authentication API can be attacked.

Mitigation

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

7 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

Related for RH:CVE-2024-26306