Lucene search
K

8 matches found

OSV
OSV
added 2023/07/17 10:15 p.m.3 views

DEBIAN-CVE-2023-3724

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

8.8CVSS8.3AI score0.00541EPSS
Exploits0References1
NVD
NVD
added 2023/07/17 10:15 p.m.17 views

CVE-2023-3724

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS0.00541EPSS
Exploits0References2
OSV
OSV
added 2023/07/17 10:15 p.m.1 views

UBUNTU-CVE-2023-3724

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS6AI score0.00541EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/07/17 10:15 p.m.18 views

CVE-2023-3724

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS7.3AI score0.00541EPSS
Exploits0References3
Prion
Prion
added 2023/07/17 10:15 p.m.23 views

Input validation

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

6.5CVSS8.7AI score0.00541EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/17 9:13 p.m.17 views

CVE-2023-3724 TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS6.9AI score0.00541EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/17 9:13 p.m.13 views

CVE-2023-3724 TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS9.4AI score0.00541EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2023/07/17 9:13 p.m.26 views

CVE-2023-3724

If a TLS 1.3 client gets neither a PSK pre shared key extension nor a KSE key share extension when connecting to a malicious server, a default predictable buffer gets used for the IKM Input Keying Material value when generating the session master secret. Using a potentially known IKM value when...

9.1CVSS9.1AI score0.00541EPSS
Exploits0
Rows per page
Query Builder