6 matches found
CVE-2023-33855
CVE-2023-33855 affects IBM Common Cryptographic Architecture (CCA) used with the IBM 4769 Developer’s Toolkit. Affected versions are CCA 7.0.0 through 7.5.36, where RSA operations may exhibit non-constant-time behavior under certain conditions, potentially allowing a remote attacker to obtain sen...
CVE-2022-22423
IBM Common Cryptographic Architecture (CCA) is affected by CVE-2022-22423, causing denial of service via improper input validation. Affected products/versions include CCA 5.x MTM for 4767 (5.0.0–5.7.11) and CCA 7.x MTM for 4769 (7.0.0–7.3.43). Remediation: upgrade to CCA 5.7.12 or later (AIX/Linu...
CVE-2023-47150
CVE-2023-47150 affects IBM Common Cryptographic Architecture (CCA) versions 7.0.0 through 7.5.36. The vulnerability allows a remote attacker to cause a denial of service due to incorrect data handling for certain AES operations. The issue is documented in IBM advisories for the IBM 4769 Developer...
CVE-2024-22340
The CVE-2024-22340 entry affects IBM Common Cryptographic Architecture (CCA) versions 7.0.0–7.5.51 for the 4769 family (MTM for 4769) across IBM AIX, IBM i, IBM PowerLinux, and Linux x86. The vulnerability could allow a remote attacker to obtain sensitive information during ECDSA signature creati...
CVE-2024-49823
IBM Common Cryptographic Architecture (CCA) vulnerability CVE-2024-49823 affects CCA versions 7.0.0–7.5.51. An authenticated user could cause a denial of service in the IBM Hardware Security Module (HSM) by sending a specially crafted sequence of valid requests. The bulletin lists CWE-787 (Out-of...
CVE-2024-41760
CVE-2024-41760 affects IBM Common Cryptographic Architecture (CCA) 7.0.0–7.5.51. The Red Hat advisory and IBM security bulletin confirm a timing-attack-based information disclosure during certain RSA operations, enabling an attacker to obtain sensitive data. Impact is Information Disclosure (CVE-...