CVE-2018-3691

3 documents3 sources

Severity

4.7MEDIUM

EPSS

0.1%

top 80.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Integrated Performance Primitives Cryptography Intel Corporation Integrated Performance Primitives Cryptography Library

Timeline

PublishedJun 5

Latest updateMay 13

Description

Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5intel_corporation/integrated_performance_primitives_cryptography_librarybefore 2018 U3.1

▶NVDintel/integrated_performance_primitives_cryptography< 2018_u3.1

🔴Vulnerability Details

GHSA

GHSA-8774-h3c9-hphw: Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3↗2022-05-13

▶

CVEList

CVE-2018-3691: Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3↗2018-06-05

▶