CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-22340 – IBM Common Cryptographic Architecture information disclosure
https://notcve.org/view.php?id=CVE-2024-22340
11 Mar 2025 — IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack. • https://www.ibm.com/support/pages/node/7185282 • CWE-208: Observable Timing Discrepancy •
CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-41760 – IBM Common Cryptographic Architecture information disclosure
https://notcve.org/view.php?id=CVE-2024-41760
11 Mar 2025 — IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensitive information due to a timing attack during certain RSA operations. • https://www.ibm.com/support/pages/node/7185282 • CWE-203: Observable Discrepancy •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-49823 – IBM Common Cryptographic Architecture denial of service
https://notcve.org/view.php?id=CVE-2024-49823
11 Mar 2025 — IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests. • https://www.ibm.com/support/pages/node/7185282 • CWE-787: Out-of-bounds Write •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-33855 – IBM Common Cryptographic Architecture information disclosure
https://notcve.org/view.php?id=CVE-2023-33855
26 Mar 2024 — Under certain conditions, RSA operations performed by IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 may exhibit non-constant-time behavior. This could allow a remote attacker to obtain sensitive information using a timing-based attack. IBM X-Force ID: 257676. Bajo ciertas condiciones, las operaciones RSA realizadas por IBM Common Cryptographic Architecture (CCA) 7.0.0 a 7.5.36 pueden exhibir un comportamiento de tiempo no constante. Esto podría permitir que un atacante remoto obtenga info... • https://exchange.xforce.ibmcloud.com/vulnerabilities/257676 • CWE-385: Covert Timing Channel •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47150 – IBM Common Cryptographic Architecture denial of service
https://notcve.org/view.php?id=CVE-2023-47150
26 Mar 2024 — IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to cause a denial of service due to incorrect data handling for certain types of AES operations. IBM X-Force ID: 270602. IBM Common Cryptographic Architecture (CCA) 7.0.0 a 7.5.36 podría permitir que un usuario remoto provoque una denegación de servicio debido al manejo incorrecto de datos para ciertos tipos de operaciones AES. ID de IBM X-Force: 270602. • https://exchange.xforce.ibmcloud.com/vulnerabilities/270602 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2022-22423
https://notcve.org/view.php?id=CVE-2022-22423
23 Sep 2022 — IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596. IBM Common Cryptographic Architecture (versiones CCA 5.x MTM para 4767 y CCA 7.x MTM para 4769) podría permitir a un usuario local causar una denegación de servicio debido a una comprobación de entrada inapropiada. IBM X-Force ID: 223596. • https://exchange.xforce.ibmcloud.com/vulnerabilities/223596 • CWE-20: Improper Input Validation •