{"api_version":"1","generated_at":"2026-04-22T22:49:30+00:00","cve":"CVE-2023-0361","urls":{"html":"https://cve.report/CVE-2023-0361","api":"https://cve.report/api/cve/CVE-2023-0361.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-0361","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-0361"},"summary":{"title":"CVE-2023-0361","description":"A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2023-02-15 18:15:00","updated_at":"2023-11-07 04:00:00"},"problem_types":["CWE-203"],"metrics":[],"references":[{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/","name":"FEDORA-2023-4fc4c33f2b","refsource":"","tags":[],"title":"[SECURITY] Fedora 36 Update: gnutls-3.8.0-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gitlab.com/gnutls/gnutls/-/issues/1050","name":"https://gitlab.com/gnutls/gnutls/-/issues/1050","refsource":"MISC","tags":[],"title":"Timing sidechannel in RSA decryption (#1050) · Issues · gnutls / GnuTLS · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/","name":"FEDORA-2023-1c4a6a47ae","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 37 Update: gnutls-3.8.0-1.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.netapp.com/advisory/ntap-20230725-0005/","name":"https://security.netapp.com/advisory/ntap-20230725-0005/","refsource":"CONFIRM","tags":[],"title":"July 2023 MySQL Server Vulnerabilities in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/","name":"FEDORA-2023-5b378b82b3","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 38 Update: guile-gnutls-3.7.11-1.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/","name":"FEDORA-2023-1c4a6a47ae","refsource":"","tags":[],"title":"[SECURITY] Fedora 37 Update: gnutls-3.8.0-1.fc37 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20230324-0005/","name":"https://security.netapp.com/advisory/ntap-20230324-0005/","refsource":"CONFIRM","tags":[],"title":"CVE-2023-0361 GNU TLS Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/","name":"FEDORA-2023-4fc4c33f2b","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 36 Update: gnutls-3.8.0-2.fc36 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html","name":"[debian-lts-announce] 20230218 [SECURITY] [DLA 3321-1] gnutls28 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3321-1] gnutls28 security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/security/cve/CVE-2023-0361","name":"https://access.redhat.com/security/cve/CVE-2023-0361","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/tlsfuzzer/tlsfuzzer/pull/679","name":"https://github.com/tlsfuzzer/tlsfuzzer/pull/679","refsource":"MISC","tags":[],"title":"Timing attacks - docs and minor fixes by tomato42 · Pull Request #679 · tlsfuzzer/tlsfuzzer · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/","name":"FEDORA-2023-5b378b82b3","refsource":"","tags":[],"title":"[SECURITY] Fedora 38 Update: guile-gnutls-3.7.11-1.fc38 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-0361","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0361","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"10.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"38","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnu","cpe5":"gnutls","cpe6":"3.6.8-11.el8_2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware_vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"converged_systems_advisor_agent","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"ontap_select_deploy_administration_utility","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"361","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-0361","qid":"160497","title":"Oracle Enterprise Linux Security Update for gnutls (ELSA-2023-1141)"},{"cve":"CVE-2023-0361","qid":"160526","title":"Oracle Enterprise Linux Security Update for gnutls (ELSA-2023-1569)"},{"cve":"CVE-2023-0361","qid":"181559","title":"Debian Security Update for gnutls28 (DSA 5349-1)"},{"cve":"CVE-2023-0361","qid":"181582","title":"Debian Security Update for gnutls28 (DLA 3321-1)"},{"cve":"CVE-2023-0361","qid":"181897","title":"Debian Security Update for gnutls28 (CVE-2023-0361)"},{"cve":"CVE-2023-0361","qid":"199200","title":"Ubuntu Security Notification for GnuTLS Vulnerability (USN-5901-1)"},{"cve":"CVE-2023-0361","qid":"241240","title":"Red Hat Update for gnutls (RHSA-2023:1141)"},{"cve":"CVE-2023-0361","qid":"241255","title":"Red Hat Update for gnutls (RHSA-2023:1200)"},{"cve":"CVE-2023-0361","qid":"241322","title":"Red Hat Update for gnutls (RHSA-2023:1569)"},{"cve":"CVE-2023-0361","qid":"241563","title":"Red Hat Update for gnutls (RHSA-2023:3361)"},{"cve":"CVE-2023-0361","qid":"283752","title":"Fedora Security Update for gnutls (FEDORA-2023-1c4a6a47ae)"},{"cve":"CVE-2023-0361","qid":"283805","title":"Fedora Security Update for gnutls (FEDORA-2023-4fc4c33f2b)"},{"cve":"CVE-2023-0361","qid":"284274","title":"Fedora Security Update for gnutls (FEDORA-2023-5b378b82b3)"},{"cve":"CVE-2023-0361","qid":"355188","title":"Amazon Linux Security Advisory for gnutls : ALAS2023-2023-171"},{"cve":"CVE-2023-0361","qid":"378414","title":"Alibaba Cloud Linux Security Update for gnutls (ALINUX3-SA-2023:0035)"},{"cve":"CVE-2023-0361","qid":"502659","title":"Alpine Linux Security Update for gnutls"},{"cve":"CVE-2023-0361","qid":"502660","title":"Alpine Linux Security Update for gnutls"},{"cve":"CVE-2023-0361","qid":"502729","title":"Alpine Linux Security Update for gnutls"},{"cve":"CVE-2023-0361","qid":"503109","title":"Alpine Linux Security Update for gnutls"},{"cve":"CVE-2023-0361","qid":"505875","title":"Alpine Linux Security Update for gnutls"},{"cve":"CVE-2023-0361","qid":"672986","title":"EulerOS Security Update for gnutls (EulerOS-SA-2023-1843)"},{"cve":"CVE-2023-0361","qid":"672991","title":"EulerOS Security Update for gnutls (EulerOS-SA-2023-1868)"},{"cve":"CVE-2023-0361","qid":"673025","title":"EulerOS Security Update for gnutls (EulerOS-SA-2023-1953)"},{"cve":"CVE-2023-0361","qid":"673051","title":"EulerOS Security Update for gnutls (EulerOS-SA-2023-1975)"},{"cve":"CVE-2023-0361","qid":"673138","title":"EulerOS Security Update for gnutls (EulerOS-SA-2023-2291)"},{"cve":"CVE-2023-0361","qid":"673155","title":"EulerOS Security Update for gnutls (EulerOS-SA-2023-2267)"},{"cve":"CVE-2023-0361","qid":"691059","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for gnutls (0a7a5dfb-aba4-11ed-be2c-001cc0382b2f)"},{"cve":"CVE-2023-0361","qid":"691232","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for mysql (759a5599-3ce8-11ee-a0d1-84a93843eb75)"},{"cve":"CVE-2023-0361","qid":"753740","title":"SUSE Enterprise Linux Security Update for gnutls (SUSE-SU-2023:0610-1)"},{"cve":"CVE-2023-0361","qid":"755523","title":"SUSE Enterprise Linux Security Update for gnutls (SUSE-SU-2023:4952-1)"},{"cve":"CVE-2023-0361","qid":"905557","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gnutls (13574)"},{"cve":"CVE-2023-0361","qid":"905565","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gnutls (13568)"},{"cve":"CVE-2023-0361","qid":"906543","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gnutls (13574-1)"},{"cve":"CVE-2023-0361","qid":"906601","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gnutls (13574-3)"},{"cve":"CVE-2023-0361","qid":"906689","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gnutls (13568-3)"},{"cve":"CVE-2023-0361","qid":"906775","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for gnutls (13574-5)"},{"cve":"CVE-2023-0361","qid":"940958","title":"AlmaLinux Security Update for gnutls (ALSA-2023:1141)"},{"cve":"CVE-2023-0361","qid":"940969","title":"AlmaLinux Security Update for gnutls (ALSA-2023:1569)"},{"cve":"CVE-2023-0361","qid":"960668","title":"Rocky Linux Security Update for gnutls (RLSA-2023:1141)"},{"cve":"CVE-2023-0361","qid":"960894","title":"Rocky Linux Security Update for gnutls (RLSA-2023:1569)"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2023-0361","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"gnutls","version":{"version_data":[{"version_value":"gnutls-3.7.6"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"side-channel"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2023-0361","url":"https://access.redhat.com/security/cve/CVE-2023-0361"},{"refsource":"MISC","name":"https://github.com/tlsfuzzer/tlsfuzzer/pull/679","url":"https://github.com/tlsfuzzer/tlsfuzzer/pull/679"},{"refsource":"MISC","name":"https://gitlab.com/gnutls/gnutls/-/issues/1050","url":"https://gitlab.com/gnutls/gnutls/-/issues/1050"},{"refsource":"MLIST","name":"[debian-lts-announce] 20230218 [SECURITY] [DLA 3321-1] gnutls28 security update","url":"https://lists.debian.org/debian-lts-announce/2023/02/msg00015.html"},{"refsource":"FEDORA","name":"FEDORA-2023-1c4a6a47ae","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/"},{"refsource":"FEDORA","name":"FEDORA-2023-5b378b82b3","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/"},{"refsource":"FEDORA","name":"FEDORA-2023-4fc4c33f2b","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230324-0005/","url":"https://security.netapp.com/advisory/ntap-20230324-0005/"},{"refsource":"CONFIRM","name":"https://security.netapp.com/advisory/ntap-20230725-0005/","url":"https://security.netapp.com/advisory/ntap-20230725-0005/"}]},"description":{"description_data":[{"lang":"eng","value":"A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection."}]}},"nvd":{"publishedDate":"2023-02-15 18:15:00","lastModifiedDate":"2023-11-07 04:00:00","problem_types":["CWE-203"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":7.4,"baseSeverity":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.2}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnu:gnutls:3.6.8-11.el8_2:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:converged_systems_advisor_agent:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}