CVE-2024-23680 - CERT CVE

  1. CVE-2024-23680

ID CVE-2024-23680
Sažetak AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures.
Reference
CVSS
Base: 5.3
Impact: 1.4
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Zadnje važnije ažuriranje 29-11-2025 - 02:15
Objavljeno 19-01-2024 - 21:15