发布时间: 2021年3月5日
修改时间: 2024年10月31日
A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality.
| NVD | openEuler | |
|---|---|---|
| Confidentiality | High | High |
| Attack Vector | Local | Local |
| CVSS评分 | 4.4 | 4.4 |
| Attack Complexity | High | High |
| Privileges Required | Low | Low |
| Scope | Unchanged | Unchanged |
| Integrity | None | None |
| User Interaction | Required | Required |
| Availability | None | None |
| 公告名 | 概要 | 发布时间 |
|---|---|---|
| KylinSec-SA-2021-1998 | A flaw was found in NSS, where it is vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. The highest threat to this flaw is to confidentiality. | 2022年4月19日 |
| 产品 | 包 | 状态 |
|---|
