Description

The design of Advanced Encryption Standard (AES), aka Rijndael, allows remote attackers to recover AES keys via timing attacks on S-box lookups, which are difficult to perform in constant time in AES implementations.

Remediation

References

CVE-2005-1797

Related Vulnerabilities

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-33326)

Drupal Other Vulnerability (CVE-2006-4120)

WordPress Plugin Advanced Forms for ACF Security Bypass (1.6.8)

Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)

WordPress Plugin Akismet Cross-Site Scripting (3.1.4)

Severity

Medium

Classification

CVE-2005-1797

Tags

Missing Update Known Vulnerabilities