8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.6 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.1%
Software: nettle 2.7.1
OS: Cobalt 7.9
CVE-ID: CVE-2018-16869
CVE-Crit: MEDIUM.
CVE-DESC: An oracle attack based on a Bleichenbacher-type side-channel was discovered in the way nettle handles the final transformation of PKCS # 1 v1.5 data decrypted with RSA. An attacker who could run a process on the same physical core as the victim process could exploit this vulnerability to extract plaintext or in some cases downgrade any TLS connections to the vulnerable server.
CVE-STATUS: default
CVE-REV: default
CVE-ID: CVE-2021-20305
CVE-Crit: HIGH
CVE-DESC: A flaw was discovered in Nettle in versions prior to 3.7.2 where several of Nettle’s signature verification functions (GOST DSA, EDDSA, and ECDSA) caused the elliptic curve cryptography (ECC) multiplication point function to be called with out. range scalers, which can lead to incorrect results. This flaw allows an attacker to force an invalid signature, resulting in an assertion failure or possible verification failure. The biggest threat of this vulnerability is to the confidentiality, integrity as well as availability of the system.
CVE-STATUS: default
CVE-REV: default
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
6.6 Medium
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.01 Low
EPSS
Percentile
83.1%