cbcvebase.

Ibm Common Cryptographic Architecture vulnerabilities

7 known vulnerabilities affecting ibm/common_cryptographic_architecture.

Total CVEs
7
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM3LOW2

Vulnerabilities

Page 1 of 1
CVE-2025-13375P2CRITICALCVSS 9.8v7.5.52v8.4.822026-02-04
CVE-2025-13375 [CRITICAL] CWE-250 CVE-2025-13375: IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system.
nvd
CVE-2023-47150P3HIGHCVSS 7.5≥ 7.0.0, < 7.5.37≥ 7.0.0, ≤ 7.5.362024-03-26
CVE-2023-47150 [HIGH] CWE-400 CVE-2023-47150: IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to cause IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 could allow a remote user to cause a denial of service due to incorrect data handling for certain types of AES operations. IBM X-Force ID: 270602.
nvd
CVE-2024-22340P3MEDIUMCVSS 6.5≥ 7.0.0, < 7.5.52≥ 7.0.0, ≤ 7.5.512025-03-11
CVE-2024-22340 [MEDIUM] CWE-208 CVE-2024-22340: IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obta IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow a remote attacker to obtain sensitive information during the creation of ECDSA signatures to perform a timing-based attack.
nvd
CVE-2024-49823P4MEDIUMCVSS 6.5≥ 7.0.0, < 7.5.52≥ 7.0.0, ≤ 7.5.512025-03-11
CVE-2024-49823 [MEDIUM] CWE-787 CVE-2024-49823: IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to caus IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially crafted sequence of valid requests.
nvd
CVE-2022-22423P4MEDIUMCVSS 5.5≥ 5.0.0, < 5.7.12≥ 7.0.0, < 7.3.442022-09-23
CVE-2022-22423 [MEDIUM] CWE-20 CVE-2022-22423: IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a IBM Common Cryptographic Architecture (CCA 5.x MTM for 4767 and CCA 7.x MTM for 4769) could allow a local user to cause a denial of service due to improper input validation. IBM X-Force ID: 223596.
nvd
CVE-2023-33855P4LOWCVSS 3.7≥ 7.0.0, < 7.5.37≥ 7.0.0, ≤ 7.5.362024-03-26
CVE-2023-33855 [LOW] CWE-385 CVE-2023-33855: Under certain conditions, RSA operations performed by IBM Common Cryptographic Architecture (CCA) 7. Under certain conditions, RSA operations performed by IBM Common Cryptographic Architecture (CCA) 7.0.0 through 7.5.36 may exhibit non-constant-time behavior. This could allow a remote attacker to obtain sensitive information using a timing-based attack. IBM X-Force ID: 257676.
nvd
CVE-2024-41760P4LOWCVSS 3.7≥ 7.0.0, < 7.5.52≥ 7.0.0, ≤ 7.5.512025-03-11
CVE-2024-41760 [LOW] CWE-203 CVE-2024-41760: IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensi IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensitive information due to a timing attack during certain RSA operations.
nvd
Ibm Common Cryptographic Architecture vulnerabilities | cvebase