本ページは ibm common_cryptographic_architecture に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-49823 | IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests. | [email protected] | 6.5 | 0.35% | 2025-03-10 | 2026-06-17 |
| CVE-2024-41760 | IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensitive information due to a timing attack during certain RSA operations. | [email protected] | 3.7 | 0.24% | 2025-03-10 | 2026-06-17 |
| CVE-2024-22340 | IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack. | [email protected] | 6.5 | 0.40% | 2025-03-10 | 2026-06-17 |
| CVE-2023-47150 | IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to cause a denial of service due to incorrect data handling for certain types of AES operations. IBM X-Force ID: 270602. | [email protected] | 7.5 | 0.65% | 2024-03-26 | 2026-06-17 |
| CVE-2023-33855 | Under certain conditions, RSA operations performed by IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 may exhibit non-constant-time behavior. This could allow a remote attacker to obtain sensitive information using a timing-based attack. IBM X-Force ID: 257676. | [email protected] | 3.7 | 0.45% | 2024-03-26 | 2026-06-17 |
| CVE-2022-22423 | IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596. | [email protected] | 5.5 | 0.25% | 2022-09-23 | 2026-06-17 |