Executive Summary
Summary | |
---|---|
Title | Infineon RSA library does not properly generate RSA key pairs |
Informations | |||
---|---|---|---|
Name | VU#307015 | First vendor Publication | 2017-10-16 |
Vendor | VU-CERT | Last vendor Modification | 2017-11-08 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.3 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#307015Infineon RSA library does not properly generate RSA key pairsOverviewThe Infineon RSA library version 1.02.013 does not properly generate RSA key pairs, which may allow an attacker to recover the RSA private key corresponding to an RSA public key generated by this library. This vulnerability is often cited as "ROCA" in the media. Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditThis vulnerability was disclosed by Matus Nemec, Marek Sys, Petr Svenda, Dusan Klinec, and Vashek Matyas. This document was written by Garret Wassermann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/307015 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Os | 4 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-10-17 | Name : The X.509 certificate chain used by this service contains certificates with R... File : ssl_weak_rsa_keys_roca.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2017-11-09 00:20:53 |
|
2017-11-08 21:26:07 |
|
2017-11-08 17:22:49 |
|
2017-11-02 13:23:04 |
|
2017-10-25 00:22:38 |
|
2017-10-24 21:23:07 |
|
2017-10-21 00:22:48 |
|
2017-10-20 21:22:55 |
|
2017-10-19 17:22:17 |
|
2017-10-18 21:22:29 |
|
2017-10-17 00:22:46 |
|