The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm contains point Q constants with a possible relationship to certain "skeleton key" values, which might allow context-dependent attackers to defeat cryptographic protection mechanisms by leveraging knowledge of those values. NOTE: this is a preliminary CVE for Dual_EC_DRBG; future research may provide additional details about point Q and associated attacks, and could potentially lead to a RECAST or REJECT of this CVE.
Published 2013-10-11 22:55:34
Updated 2022-11-01 14:44:55
Source Oracle
View at NVD,   CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2007-6755

Probability of exploitation activity in the next 30 days: 0.61%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 76 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-6755

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source
5.8
MEDIUM AV:N/AC:M/Au:N/C:P/I:P/A:N
8.6
4.9
NIST

CWE ids for CVE-2007-6755

References for CVE-2007-6755

Products affected by CVE-2007-6755

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!