A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks.
Find out more about CVE-2015-2730 from the MITRE CVE dictionary dictionary and NIST NVD.
Base Score | 4.3 |
---|---|
Base Metrics | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Access Vector | Network |
Access Complexity | Medium |
Authentication | None |
Confidentiality Impact | Partial |
Integrity Impact | None |
Availability Impact | None |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Platform | Errata | Release Date |
---|---|---|
Red Hat Enterprise Linux 5 (nss) | RHSA-2015:1664 | 2015-08-24 |
Red Hat Enterprise Linux 6 (nss-softokn) | RHSA-2015:1699 | 2015-09-01 |
Red Hat Enterprise Linux 7 (nss-softokn) | RHSA-2015:1699 | 2015-09-01 |