F5-K000139794
First published: Tue May 28 2024(Updated: )
NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 F5OS | =1.7.0 | |
| F5 Traffix Systems Signaling Delivery Controller | =5.2.0=5.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of F5-K000139794?
The severity of F5-K000139794 is considered high due to its potential to allow attackers to recover private data.
How do I fix F5-K000139794?
To fix F5-K000139794, upgrade Firefox to version 124 or later, and Thunderbird to version 115.9 or later.
Which versions of software are affected by F5-K000139794?
F5-K000139794 affects Firefox versions prior to 124, Firefox ESR versions prior to 115.9, and Thunderbird versions prior to 115.9.
What type of attack does F5-K000139794 allow?
F5-K000139794 allows a timing side-channel attack during RSA decryption.
Who is impacted by F5-K000139794?
Users of affected versions of Firefox, Thunderbird, F5OS-A, and Traffix SDC are impacted by F5-K000139794.
- agent/severity
- agent/last-modified-date
- agent/description
- agent/references
- agent/type
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/f5-advisory
- source/F5
- alias/CVE-2023-5388
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/f5
- canonical/f5 f5os
- version/f5 f5os/1.7.0
- canonical/f5 traffix systems signaling delivery controller
- version/f5 traffix systems signaling delivery controller/5.2.0
- version/f5 traffix systems signaling delivery controller/5.1.0