← Voltar para CVEs
CVE-2017-17428
N/ADescricao
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado3/5/2018
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
cavium:nitrox_ssl_sdkcavium:nitrox_v_ssl_sdkcavium:octeon_sdkcavium:octeon_ssl_sdkcavium:turbossl_sdkcisco:ace30_application_control_engine_modulecisco:ace30_application_control_engine_module_firmwarecisco:ace4710_application_control_engine_firmwarecisco:ace_4710_application_control_enginecisco:adaptive_security_appliance_5505cisco:adaptive_security_appliance_5505_firmwarecisco:adaptive_security_appliance_5510cisco:adaptive_security_appliance_5510_firmwarecisco:adaptive_security_appliance_5520cisco:adaptive_security_appliance_5520_firmwarecisco:adaptive_security_appliance_5540cisco:adaptive_security_appliance_5540_firmwarecisco:adaptive_security_appliance_5550cisco:adaptive_security_appliance_5550_firmwarecisco:webex_conect_imcisco:webex_meetings
Fraquezas (CWE)
CWE-327
Referencias
http://www.securityfocus.com/bid/102170(cve@mitre.org)
http://www.securitytracker.com/id/1039984(cve@mitre.org)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher(cve@mitre.org)
https://www.cavium.com/security-advisory-cve-2017-17428.html(cve@mitre.org)
https://www.kb.cert.org/vuls/id/144389(cve@mitre.org)
http://www.securityfocus.com/bid/102170(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039984(af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher(af854a3a-2127-422b-91ae-364da2661108)
https://www.cavium.com/security-advisory-cve-2017-17428.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/144389(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.