Key Management Errors
CVE-2016-7056
Summary
A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.
- LOW
- LOCAL
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
CWE-320 - Key Management Errors
Weaknesses in this category are related to errors in the management of cryptographic keys.
Advisory Timeline
- Published