CVE-2011-4574 in PolarSSLالمعلومات

الملخص

بحسب MITRE • 27/10/2021

PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart, this uses timing information based on the processor's high resolution timer (the RDTSC instruction). This instruction can be virtualized, and some virtual machine hosts have chosen to disable this instruction, returning 0s or predictable results.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

29/11/2011

إفشاء

27/10/2021

الاعتدال

تمت الموافقة

إدخال

VDB-185561

CPE

جاهز

CWE

CWE-338 (مؤكد)

CVSS

9.8 (NVD)

EPSS

0.01052

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4574
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4574
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4574/

التالي ▸نظرة عامة ◂ السابق

Do you know our Splunk app?

Download it now for free!