Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-3724

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffe...

9.1CVSS7.4AI score0.00541EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/13 12:0 a.m.17 views

CBL Mariner 2.0 Security Update: mariadb (CVE-2023-3724)

The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-3724 advisory. - If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connectin...

9.1CVSS8.3AI score0.00541EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2023/08/10 4:37 p.m.52 views

CVE-2023-3724 affecting package mariadb for versions less than 10.6.9-3.cm2

CVE-2023-3724 affecting package mariadb for versions less than 10.6.9-3.cm2. A patched version of the package is available...

9.1CVSS9.2AI score0.00541EPSS
Exploits0
OSV
OSV
added 2023/07/17 10:15 p.m.9 views

AZL-27649 CVE-2023-3724 affecting package mariadb for versions less than 10.6.9-3.cm2

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

8.8CVSS7.5AI score0.00541EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/17 9:13 p.m.14 views

CVE-2023-3724 TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS9.4AI score0.00541EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/07/17 9:13 p.m.18 views

CVE-2023-3724 TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS6.9AI score0.00541EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2023/07/17 9:13 p.m.26 views

CVE-2023-3724

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS9.1AI score0.00541EPSS
Exploits0
Rows per page
Query Builder