CVE-2024-0553

CVE Details

Visit the official vulnerability details page for CVE-2024-0553 to learn more.

Initial Publication

11/13/2024

Last Update

11/13/2024

Third Party Dependency

libgnutls30

NIST CVE Summary

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.

CVE Severity

7.5

Our Official Summary

Investigation is ongoing to determine how this vulnerability affects our products.

Status

Ongoing

Affected Products & Versions

Version	Palette Enterprise	Palette Enterprise Airgap	VerteX	VerteX Airgap
4.4.20	Impacted	No Impact	Impacted	No Impact

Revision History

Date	Revision

CVE Details​

Initial Publication​

Last Update​

Third Party Dependency​

NIST CVE Summary​

CVE Severity​

Our Official Summary​

Status​

Affected Products & Versions​

Revision History​