CVE-2023-6681

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack.
Configurations

Configuration 1 (hide)

cpe:2.3:a:latchset:jwcrypto:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*

History

21 Nov 2024, 08:44

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2024:3267 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2024:3267 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2023-6681 - Third Party Advisory () https://access.redhat.com/security/cve/CVE-2023-6681 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2260843 - Issue Tracking, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=2260843 - Issue Tracking, Third Party Advisory

12 Nov 2024, 18:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:9281 -

10 Oct 2024, 14:32

Type Values Removed Values Added
First Time Redhat enterprise Linux For Ibm Z Systems
Redhat
Redhat enterprise Linux For Power Little Endian
Redhat enterprise Linux
Latchset
Latchset jwcrypto
Redhat enterprise Linux For Arm 64
Fedoraproject fedora
Fedoraproject
References () https://access.redhat.com/errata/RHSA-2024:3267 - () https://access.redhat.com/errata/RHSA-2024:3267 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2023-6681 - () https://access.redhat.com/security/cve/CVE-2023-6681 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2260843 - () https://bugzilla.redhat.com/show_bug.cgi?id=2260843 - Issue Tracking, Third Party Advisory
CPE cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*
cpe:2.3:a:latchset:jwcrypto:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

22 May 2024, 17:16

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:3267 -

18 Apr 2024, 18:15

Type Values Removed Values Added
CWE CWE-400
Summary
  • (es) Se encontró una vulnerabilidad en JWCrypto. Esta falla permite que un atacante provoque un ataque de denegación de servicio (DoS) y posibles ataques de fuerza bruta y diccionario de contraseñas que consuman más recursos. Este problema puede resultar en una gran cantidad de consumo computacional, provocando un ataque de denegación de servicio.

12 Feb 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-02-12 14:15

Updated : 2024-11-21 08:44


NVD link : CVE-2023-6681

Mitre link : CVE-2023-6681

CVE.ORG link : CVE-2023-6681


JSON object : View

Products Affected

fedoraproject

  • fedora

redhat

  • enterprise_linux_for_ibm_z_systems
  • enterprise_linux_for_arm_64
  • enterprise_linux
  • enterprise_linux_for_power_little_endian

latchset

  • jwcrypto
CWE
CWE-400

Uncontrolled Resource Consumption