Description

The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.

Remediation

References

CVE-2005-1797

Related Vulnerabilities

MediaWiki Resource Management Errors Vulnerability (CVE-2015-2937)

PHP Other Vulnerability (CVE-2015-7803)

XWiki Inadequate Encryption Strength Vulnerability (CVE-2022-29161)

Liferay Portal Missing Authorization Vulnerability (CVE-2022-39975)

WordPress Plugin Ultimate Affiliate Pro Multiple Cross-Site Scripting Vulnerabilities (3.6)

Severity

Medium

Classification

CVE-2005-1797

Tags

Missing Update Known Vulnerabilities