Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.
History

Thu, 14 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 13 Nov 2024 21:15:00 +0000

Type Values Removed Values Added
Description Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access.
Weaknesses CWE-208
References
Metrics cvssV3_1

{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}

cvssV4_0

{'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: intel

Published: 2024-11-13T21:11:00.898Z

Updated: 2024-11-14T19:40:38.396Z

Reserved: 2024-05-23T17:17:07.999Z

Link: CVE-2024-31074

cve-icon Vulnrichment

Updated: 2024-11-14T15:09:55.238Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-13T21:15:16.790

Modified: 2024-11-15T14:00:09.720

Link: CVE-2024-31074

cve-icon Redhat

No data.