Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:10846
HistoryJan 15, 2019 - 8:52 a.m.

Timing Side- Channel Attack

2019-01-1508:52:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15

0.005 Low

EPSS

Percentile

77.3%

OpenSSL is vulnerable to timing attacks. It happens because of lack of validation of MAC addresses in constant time during the processing of a malformed CBC padding. It is also known as “Lucky Thirteen” issue.

References