Common Weakness Enumeration

CWE-208

Allowed

Observable Timing Discrepancy

Abstraction: Base · Status: Incomplete

Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.

306 vulnerabilities reference this CWE, most recent first.

CVE-2023-25806 (GCVE-0-2023-25806)

Vulnerability from cvelistv5 – Published: 2023-03-02 03:04 – Updated: 2025-03-05 21:28
VLAI
Title
Time discrepancy in authentication responses in OpenSearch
Summary
OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the internal basic identity provider (IdP), and not other externally configured IdPs. Patches were released in versions 1.3.9 and 2.6.0, there are no workarounds.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-208 - Observable Timing Discrepancy
Assigner
References
Impacted products
Vendor Product Version
opensearch-project security Affected: < 1.3.9
Affected: >= 2.0.0, < 2.6.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:32:12.694Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/opensearch-project/security/security/advisories/GHSA-c6wg-cm5x-rqvj",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/opensearch-project/security/security/advisories/GHSA-c6wg-cm5x-rqvj"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25806",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-05T21:28:22.405522Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-05T21:28:42.975Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "security",
          "vendor": "opensearch-project",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.3.9"
            },
            {
              "status": "affected",
              "version": "\u003e= 2.0.0, \u003c 2.6.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the internal basic identity provider (IdP), and not other externally configured IdPs. Patches were released in versions 1.3.9 and 2.6.0, there are no workarounds."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208: Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-02T03:04:26.889Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/opensearch-project/security/security/advisories/GHSA-c6wg-cm5x-rqvj",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/opensearch-project/security/security/advisories/GHSA-c6wg-cm5x-rqvj"
        }
      ],
      "source": {
        "advisory": "GHSA-c6wg-cm5x-rqvj",
        "discovery": "UNKNOWN"
      },
      "title": "Time discrepancy in authentication responses in OpenSearch"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-25806",
    "datePublished": "2023-03-02T03:04:26.889Z",
    "dateReserved": "2023-02-15T16:34:48.772Z",
    "dateUpdated": "2025-03-05T21:28:42.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25529 (GCVE-0-2023-25529)

Vulnerability from cvelistv5 – Published: 2023-09-20 00:08 – Updated: 2024-08-02 11:25
VLAI
Summary
NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering.
CWE
Assigner
Impacted products
Vendor Product Version
NVIDIA DGX H100 BMC Affected: All versions prior to 23.08.07
Create a notification for this product.
NVIDIA DGX A100 BMC Affected: All BMC versions prior to 00.22.05
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:25:19.194Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5473"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DGX H100 BMC",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to 23.08.07"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DGX A100 BMC",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All BMC versions prior to 00.22.05"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user\u2019s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering."
            }
          ],
          "value": "NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user\u2019s session token by observing timing discrepancies between server responses. A successful exploit of this vulnerability may lead to information disclosure, escalation of privileges, and data tampering."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Information disclosure, escalation of privileges, and data tampering"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-25T18:09:15.767Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5473"
        },
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5510"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2023-25529",
    "datePublished": "2023-09-20T00:08:17.345Z",
    "dateReserved": "2023-02-07T02:57:25.083Z",
    "dateUpdated": "2024-08-02T11:25:19.194Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25000 (GCVE-0-2023-25000)

Vulnerability from cvelistv5 – Published: 2023-03-30 00:17 – Updated: 2025-02-13 16:44
VLAI
Title
Vault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations
Summary
HashiCorp Vault's implementation of Shamir's secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a brute force effort to recover the Shamir shares. Fixed in Vault 1.13.1, 1.12.5, and 1.11.9.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-208 - Observable Timing Discrepancy
Assigner
Impacted products
Vendor Product Version
HashiCorp Vault Affected: 1.13.0 , < 1.13.1 (semver)
Affected: 1.12.0 , < 1.12.5 (semver)
Affected: 1.11.0 , < 1.11.9 (semver)
Affected: 0 , < 1.11.0 (semver)
Create a notification for this product.
HashiCorp Vault Enterprise Affected: 1.13.0 , < 1.13.1 (semver)
Affected: 1.12.0 , < 1.12.5 (semver)
Affected: 1.11.0 , < 1.11.9 (semver)
Affected: 0 , < 1.11.0 (semver)
Create a notification for this product.
Credits
Giuseppe Cocomazzi
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.500Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230526-0008/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25000",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T15:02:13.804694Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:02:17.672Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "MacOS",
            "Linux",
            "x86",
            "ARM",
            "64 bit",
            "32 bit"
          ],
          "product": "Vault",
          "repo": "https://github.com/hashicorp/vault",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "1.13.1",
              "status": "affected",
              "version": "1.13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.5",
              "status": "affected",
              "version": "1.12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.11.9",
              "status": "affected",
              "version": "1.11.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.11.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows",
            "MacOS",
            "Linux",
            "x86",
            "ARM",
            "64 bit",
            "32 bit"
          ],
          "product": "Vault Enterprise",
          "vendor": "HashiCorp",
          "versions": [
            {
              "lessThan": "1.13.1",
              "status": "affected",
              "version": "1.13.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.12.5",
              "status": "affected",
              "version": "1.12.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.11.9",
              "status": "affected",
              "version": "1.11.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.11.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Giuseppe Cocomazzi"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "HashiCorp Vault\u0027s implementation of Shamir\u0027s secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a brute force effort to recover the Shamir shares. Fixed in Vault 1.13.1, 1.12.5, and 1.11.9."
            }
          ],
          "value": "HashiCorp Vault\u0027s implementation of Shamir\u0027s secret sharing used precomputed table lookups, and was vulnerable to cache-timing attacks. An attacker with access to, and the ability to observe a large number of unseal operations on the host through a side channel may reduce the search space of a brute force effort to recover the Shamir shares. Fixed in Vault 1.13.1, 1.12.5, and 1.11.9."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-204",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-204 Lifting Sensitive Data Embedded in Cache"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208 Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-26T19:06:26.655Z",
        "orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
        "shortName": "HashiCorp"
      },
      "references": [
        {
          "url": "https://discuss.hashicorp.com/t/hcsec-2023-10-vault-vulnerable-to-cache-timing-attacks-during-seal-and-unseal-operations/52078"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230526-0008/"
        }
      ],
      "source": {
        "advisory": "HCSEC-2023-10",
        "discovery": "EXTERNAL"
      },
      "title": "Vault Vulnerable to Cache-Timing Attacks During Seal and Unseal Operations"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc",
    "assignerShortName": "HashiCorp",
    "cveId": "CVE-2023-25000",
    "datePublished": "2023-03-30T00:17:46.230Z",
    "dateReserved": "2023-02-01T17:54:13.893Z",
    "dateUpdated": "2025-02-13T16:44:28.625Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-20572 (GCVE-0-2023-20572)

Vulnerability from cvelistv5 – Published: 2026-06-26 15:53 – Updated: 2026-06-26 15:59
VLAI
Summary
An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-208 - Observable timing discrepancy
Assigner
AMD
Impacted products
Vendor Product Version
AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Picasso-FP5 1.0.1.1
Create a notification for this product.
AMD AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics Unaffected: Pollock-FT5 1.0.0.7
Create a notification for this product.
AMD AMD Ryzen™ 5000 Series Processors with Radeon™ Graphics Unaffected: Cezanne-FP6 1.0.1.0
Create a notification for this product.
AMD AMD Ryzen™ 7030 Series Mobile processors with Radeon™ Graphics Unaffected: Cezanne-FP6 1.0.1.0
Create a notification for this product.
AMD AMD Ryzen™ 4000 Series Mobile Processors with Radeon™ Graphics Unaffected: Renoir-FP6 1.0.0.D
Create a notification for this product.
AMD AMD Ryzen™ 6000 Series Processors with Radeon™ Graphics Unaffected: Rembrandt-FP7 1.0.0.A
Create a notification for this product.
AMD AMD Ryzen™ 7020 Series Processors with Radeon™ Graphics Unaffected: MendocinoPI-FT6 1.0.0.6
Create a notification for this product.
AMD AMD Athlon™ 3000 Series Desktop Processors with Radeon™ Graphics Unaffected: ComboAM4v2PI 1.2.0.CA
Create a notification for this product.
AMD AMD Ryzen™ 5000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
Create a notification for this product.
AMD AMD Ryzen™ 3000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
Unaffected: ComboAM4PI 1.0.0.F
Create a notification for this product.
AMD AMD Ryzen™ 4000 Series Desktop Processors Unaffected: ComboAM4v2PI 1.2.0.CA
Create a notification for this product.
AMD AMD Ryzen™ 8000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.7a
Create a notification for this product.
AMD AMD Ryzen™ 7000 Series Desktop Processors Unaffected: ComboAM5 1.0.0.7a
Create a notification for this product.
AMD AMD Ryzen™ Threadripper™ 3000 Series Processors Unaffected: CastlePeakPI-SP3r3 1.0.0.C
Create a notification for this product.
AMD AMD Ryzen™ Threadripper™ PRO 3000WX Series Processors Unaffected: CastlePeakWSPI-sWRX8 1.0.0.E
Create a notification for this product.
AMD AMD Ryzen™ Threadripper™ PRO 5000 WX-Series Processors Unaffected: ChagallWSPI-sWRX8 1.0.0.9
Create a notification for this product.
AMD AMD Ryzen™ Threadripper™ 7000 Processors Unaffected: StormPeakPI-SP6 1.1.0.0c
Create a notification for this product.
AMD AMD Ryzen™ Threadripper™ PRO 7000WX-Series Processors Unaffected: StormPeakPI-SP6 1.0.0.1e
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20572",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-26T15:59:13.642252Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-26T15:59:23.309Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Picasso-FP5  1.0.1.1"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Pollock-FT5  1.0.0.7"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Cezanne-FP6  1.0.1.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7030 Series Mobile processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Cezanne-FP6  1.0.1.0"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Mobile Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Renoir-FP6  1.0.0.D"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 6000 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "Rembrandt-FP7  1.0.0.A"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7020 Series Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "MendocinoPI-FT6  1.0.0.6"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Athlon\u2122 3000 Series Desktop Processors with Radeon\u2122 Graphics",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI  1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI  1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI  1.2.0.CA"
            },
            {
              "status": "unaffected",
              "version": "ComboAM4PI  1.0.0.F"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 4000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI  1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI  1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 8000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5  1.0.0.7a"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 7000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM5  1.0.0.7a"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakPI-SP3r3  1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8  1.0.0.9"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 7000 Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6  1.1.0.0c"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 7000WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "StormPeakPI-SP6  1.0.0.1e"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity."
            }
          ],
          "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message, potentially leading to a loss of data integrity."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208 Observable timing discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-26T15:53:38.503Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4012.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-20572",
    "datePublished": "2026-06-26T15:53:38.503Z",
    "dateReserved": "2022-10-27T18:53:39.755Z",
    "dateUpdated": "2026-06-26T15:59:23.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-20540 (GCVE-0-2023-20540)

Vulnerability from cvelistv5 – Published: 2026-06-26 15:44 – Updated: 2026-06-26 16:00
VLAI
Summary
An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-208 - Observable timing discrepancy
Assigner
AMD
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-20540",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-26T16:00:48.333509Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-26T16:00:59.349Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 3000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4  1.0.0.E"
            },
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI  1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 5000 Series Desktop Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ComboAM4v2PI  1.2.0.CA"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 3000 Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakPI-SP3r3  1.0.0.C"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 3000WX Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "CastlePeakWSPI-sWRX8  1.0.0.E"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "AMD Ryzen\u2122 Threadripper\u2122 PRO 5000 WX-Series Processors",
          "vendor": "AMD",
          "versions": [
            {
              "status": "unaffected",
              "version": "ChagallWSPI-sWRX8  1.0.0.9"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity."
            }
          ],
          "value": "An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 1.8,
            "baseSeverity": "LOW",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "HIGH",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208 Observable timing discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-26T15:44:59.841Z",
        "orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
        "shortName": "AMD"
      },
      "references": [
        {
          "url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-4012.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
    "assignerShortName": "AMD",
    "cveId": "CVE-2023-20540",
    "datePublished": "2026-06-26T15:44:59.841Z",
    "dateReserved": "2022-10-27T18:53:39.742Z",
    "dateUpdated": "2026-06-26T16:00:59.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-5981 (GCVE-0-2023-5981)

Vulnerability from cvelistv5 – Published: 2023-11-28 11:49 – Updated: 2026-02-25 18:19
VLAI
Title
Gnutls: timing side-channel in the rsa-psk authentication
Summary
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
CWE
  • CWE-208 - Observable Timing Discrepancy
Assigner
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.6.16-8.el8_9 , < * (rpm)
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:3.6.16-5.el8_6.2 , < * (rpm)
    cpe:/a:redhat:rhel_eus:8.6::appstream
    cpe:/o:redhat:rhel_eus:8.6::baseos
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:3.6.16-7.el8_8.1 , < * (rpm)
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.7.6-23.el9_3.3 , < * (rpm)
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:3.7.6-21.el9_2.1 , < * (rpm)
    cpe:/a:redhat:rhel_eus:9.2::appstream
    cpe:/o:redhat:rhel_eus:9.2::baseos
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-37 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-68 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-158 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-39 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-58 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-13 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-81 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-79 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-22 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-57 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-6 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-15 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-54 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-10 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-26 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-19 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-21 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.0-103 , < * (rpm)
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-22 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-11 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v6.8.1-407 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-19 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.0.0-479 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-7 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.4.0-247 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-5 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.1.0-227 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.1-470 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v2.9.6-14 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-2 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-24 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.6-10 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-525 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-224 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.28.1-56 , < * (rpm)
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Date Public
2023-11-15 00:00
Credits
This issue was discovered by Daiki Ueno (Red Hat).
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:25:53.708Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/01/19/3"
          },
          {
            "name": "RHSA-2024:0155",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0155"
          },
          {
            "name": "RHSA-2024:0319",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0319"
          },
          {
            "name": "RHSA-2024:0399",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0399"
          },
          {
            "name": "RHSA-2024:0451",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0451"
          },
          {
            "name": "RHSA-2024:0533",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0533"
          },
          {
            "name": "RHSA-2024:1383",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1383"
          },
          {
            "name": "RHSA-2024:2094",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2094"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5981"
          },
          {
            "name": "RHBZ#2248445",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00016.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-5.el8_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-7.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-23.el9_3.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-23.el9_3.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-21.el9_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/cephcsi-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-37",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/mcg-core-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-68",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/mcg-operator-bundle",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-158",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/mcg-rhel9-operator",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-39",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-client-console-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-58",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-client-operator-bundle",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-158",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-client-rhel9-operator",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-metrics-exporter-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-81",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-operator-bundle",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-158",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-rhel9-operator",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-79",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-cli-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-22",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-console-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-57",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-cosi-sidecar-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-csi-addons-operator-bundle",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-158",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-csi-addons-rhel9-operator",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-csi-addons-sidecar-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-multicluster-console-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-54",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-multicluster-operator-bundle",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-158",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-multicluster-rhel9-operator",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-must-gather-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-26",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-operator-bundle",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-158",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-rhel9-operator",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-19",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odr-cluster-operator-bundle",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-158",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odr-hub-operator-bundle",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-158",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odr-rhel9-operator",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-21",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/rook-ceph-rhel9-operator",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-103",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/cluster-logging-operator-bundle",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.6-22",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/cluster-logging-rhel9-operator",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.6-11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch6-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v6.8.1-407",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-operator-bundle",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.6-19",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-proxy-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.0.0-479",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-rhel9-operator",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.6-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/eventrouter-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.4.0-247",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/fluentd-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.6-5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/log-file-metric-exporter-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.1.0-227",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-curator5-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.1-470",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-loki-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v2.9.6-14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-view-plugin-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.6-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/loki-operator-bundle",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.6-24",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/loki-rhel9-operator",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.6-10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/lokistack-gateway-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.1.0-525",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/opa-openshift-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.1.0-224",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/vector-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.28.1-56",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Daiki Ueno (Red Hat)."
        }
      ],
      "datePublic": "2023-11-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-25T18:19:40.648Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:0155",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0155"
        },
        {
          "name": "RHSA-2024:0319",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0319"
        },
        {
          "name": "RHSA-2024:0399",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0399"
        },
        {
          "name": "RHSA-2024:0451",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0451"
        },
        {
          "name": "RHSA-2024:0533",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0533"
        },
        {
          "name": "RHSA-2024:1383",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1383"
        },
        {
          "name": "RHSA-2024:2094",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2094"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5981"
        },
        {
          "name": "RHBZ#2248445",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2248445"
        },
        {
          "url": "https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-11-07T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-11-15T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: timing side-channel in the rsa-psk authentication",
      "workarounds": [
        {
          "lang": "en",
          "value": "To address the issue found upgrade to GnuTLS 3.8.2 or later versions."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-208: Observable Timing Discrepancy"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5981",
    "datePublished": "2023-11-28T11:49:50.138Z",
    "dateReserved": "2023-11-07T08:05:10.875Z",
    "dateUpdated": "2026-02-25T18:19:40.648Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-1538 (GCVE-0-2023-1538)

Vulnerability from cvelistv5 – Published: 2023-03-21 00:00 – Updated: 2025-02-27 16:55
VLAI
Title
Observable Timing Discrepancy in answerdev/answer
Summary
Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-208 - Observable Timing Discrepancy
Assigner
Impacted products
Vendor Product Version
answerdev answerdev/answer Affected: unspecified , < 1.0.6 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:49:11.665Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/answerdev/answer/commit/813ad0b9894673b1bdd489a2e9ab60a44fe990af"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://huntr.dev/bounties/ac0271eb-660f-4966-8b57-4bc660a9a1a0"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-1538",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-27T16:55:26.467208Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T16:55:54.306Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "answerdev/answer",
          "vendor": "answerdev",
          "versions": [
            {
              "lessThan": "1.0.6",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Observable Timing Discrepancy in GitHub repository answerdev/answer prior to 1.0.6."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208 Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-21T00:00:00.000Z",
        "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
        "shortName": "@huntrdev"
      },
      "references": [
        {
          "url": "https://github.com/answerdev/answer/commit/813ad0b9894673b1bdd489a2e9ab60a44fe990af"
        },
        {
          "url": "https://huntr.dev/bounties/ac0271eb-660f-4966-8b57-4bc660a9a1a0"
        }
      ],
      "source": {
        "advisory": "ac0271eb-660f-4966-8b57-4bc660a9a1a0",
        "discovery": "EXTERNAL"
      },
      "title": "Observable Timing Discrepancy in answerdev/answer"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
    "assignerShortName": "@huntrdev",
    "cveId": "CVE-2023-1538",
    "datePublished": "2023-03-21T00:00:00.000Z",
    "dateReserved": "2023-03-21T00:00:00.000Z",
    "dateUpdated": "2025-02-27T16:55:54.306Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-42288 (GCVE-0-2022-42288)

Vulnerability from cvelistv5 – Published: 2023-01-13 02:09 – Updated: 2025-04-07 17:56
VLAI
Summary
NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
NVIDIA NVIDIA DGX servers Affected: All BMC firmware versions prior to 00.19.07
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T13:03:45.977Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5435"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-42288",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-07T17:56:18.807806Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-07T17:56:27.043Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "NVIDIA DGX servers",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All BMC firmware versions prior to 00.19.07"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure."
            }
          ],
          "value": "NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Information Disclosure"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-13T02:09:02.245Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5435"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2022-42288",
    "datePublished": "2023-01-13T02:09:02.245Z",
    "dateReserved": "2022-10-03T14:20:26.207Z",
    "dateUpdated": "2025-04-07T17:56:27.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-39308 (GCVE-0-2022-39308)

Vulnerability from cvelistv5 – Published: 2022-10-14 00:00 – Updated: 2025-04-23 16:50
VLAI
Title
GoCD API authentication of user access tokens subject to timing attack during comparison
Summary
GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions from 19.2.0 to 19.10.0 (inclusive) are subject to a timing attack in validation of access tokens due to use of regular string comparison for validation of the token rather than a constant time algorithm. This could allow a brute force attack on GoCD server API calls to observe timing differences in validations in order to guess an access token generated by a user for API access. This issue is fixed in GoCD version 19.11.0. As a workaround, users can apply rate limiting or insert random delays to API calls made to GoCD Server via a reverse proxy or other fronting web server. Another workaround, users may disallow use of access tokens by users by having an administrator revoke all access tokens through the "Access Token Management" admin function.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-208 - Observable Timing Discrepancy
  • CWE-1254 - Incorrect Comparison Logic Granularity
Assigner
Impacted products
Vendor Product Version
gocd gocd Affected: >= 19.2.0, < 19.11.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T12:00:44.019Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/gocd/gocd/security/advisories/GHSA-999p-fp84-jcpq"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/gocd/gocd/commit/236d4baf92e6607f2841c151c855adcc477238b8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/gocd/gocd/releases/tag/19.11.0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.gocd.org/releases/#19-11-0"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-39308",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:56:20.518050Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T16:50:02.531Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gocd",
          "vendor": "gocd",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 19.2.0, \u003c 19.11.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions from 19.2.0 to 19.10.0 (inclusive) are subject to a timing attack in validation of access tokens due to use of regular string comparison for validation of the token rather than a constant time algorithm. This could allow a brute force attack on GoCD server API calls to observe timing differences in validations in order to guess an access token generated by a user for API access. This issue is fixed in GoCD version 19.11.0. As a workaround, users can apply rate limiting or insert random delays to API calls made to GoCD Server via a reverse proxy or other fronting web server. Another workaround, users may disallow use of access tokens by users by having an administrator revoke all access tokens through the \"Access Token Management\" admin function."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208: Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1254",
              "description": "CWE-1254: Incorrect Comparison Logic Granularity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-14T00:00:00.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "url": "https://github.com/gocd/gocd/security/advisories/GHSA-999p-fp84-jcpq"
        },
        {
          "url": "https://github.com/gocd/gocd/commit/236d4baf92e6607f2841c151c855adcc477238b8"
        },
        {
          "url": "https://github.com/gocd/gocd/releases/tag/19.11.0"
        },
        {
          "url": "https://www.gocd.org/releases/#19-11-0"
        }
      ],
      "source": {
        "advisory": "GHSA-999p-fp84-jcpq",
        "discovery": "UNKNOWN"
      },
      "title": "GoCD API authentication of user access tokens subject to timing attack during comparison"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-39308",
    "datePublished": "2022-10-14T00:00:00.000Z",
    "dateReserved": "2022-09-02T00:00:00.000Z",
    "dateUpdated": "2025-04-23T16:50:02.531Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-31142 (GCVE-0-2022-31142)

Vulnerability from cvelistv5 – Published: 2022-07-14 18:55 – Updated: 2025-04-23 18:02
VLAI
Title
Potential Timing Attack Vector in @fastify/bearer-auth
Summary
@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-208 - Observable Timing Discrepancy
Assigner
Impacted products
Vendor Product Version
fastify fastify-bearer-auth Affected: >= 5.0.1, < 7.0.2
Affected: = 8.0.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:11:39.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/1633287"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-31142",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T15:53:32.961418Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T18:02:16.307Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "fastify-bearer-auth",
          "vendor": "fastify",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 5.0.1, \u003c 7.0.2"
            },
            {
              "status": "affected",
              "version": "= 8.0.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "CWE-208: Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-14T18:55:11.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/1633287"
        }
      ],
      "source": {
        "advisory": "GHSA-376v-xgjx-7mfr",
        "discovery": "UNKNOWN"
      },
      "title": "Potential Timing Attack Vector in @fastify/bearer-auth",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-31142",
          "STATE": "PUBLIC",
          "TITLE": "Potential Timing Attack Vector in @fastify/bearer-auth"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "fastify-bearer-auth",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 5.0.1, \u003c 7.0.2"
                          },
                          {
                            "version_value": "= 8.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "fastify"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750, the bearer token has only base64 valid characters, reducing the range of characters for a brute force attack. Version 7.0.2 and 8.0.1 of @fastify/bearer-auth contain a patch. There are currently no known workarounds. The package fastify-bearer-auth, which covers versions 6.0.3 and prior, is also vulnerable starting at version 5.0.1. Users of fastify-bearer-auth should upgrade to a patched version of @fastify/bearer-auth."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-208: Observable Timing Discrepancy"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr",
              "refsource": "CONFIRM",
              "url": "https://github.com/fastify/fastify-bearer-auth/security/advisories/GHSA-376v-xgjx-7mfr"
            },
            {
              "name": "https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4",
              "refsource": "MISC",
              "url": "https://github.com/fastify/fastify-bearer-auth/commit/0c468a616d7e56126dc468150f6a5a92e530b8e4"
            },
            {
              "name": "https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716",
              "refsource": "MISC",
              "url": "https://github.com/fastify/fastify-bearer-auth/commit/39353b15409ee99474545f615ffb16180cf3b716"
            },
            {
              "name": "https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f",
              "refsource": "MISC",
              "url": "https://github.com/fastify/fastify-bearer-auth/commit/f921a0582dc83112039004a9b5041141b50c5b3f"
            },
            {
              "name": "https://hackerone.com/reports/1633287",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/1633287"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-376v-xgjx-7mfr",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-31142",
    "datePublished": "2022-07-14T18:55:11.000Z",
    "dateReserved": "2022-05-18T00:00:00.000Z",
    "dateUpdated": "2025-04-23T18:02:16.307Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

No mitigation information available for this CWE.

CAPEC-462: Cross-Domain Search Timing

An attacker initiates cross domain HTTP / GET requests and times the server responses. The timing of these responses may leak important information on what is happening on the server. Browser's same origin policy prevents the attacker from directly reading the server responses (in the absence of any other weaknesses), but does not prevent the attacker from timing the responses to requests that the attacker issued cross domain.

CAPEC-541: Application Fingerprinting

An adversary engages in fingerprinting activities to determine the type or version of an application installed on a remote target.

CAPEC-580: System Footprinting

An adversary engages in active probing and exploration activities to determine security information about a remote target system. Often times adversaries will rely on remote applications that can be probed for system configurations.