CVE-2017-17427 - Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adapti

CVE-2017-17427

Summary

Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations.

References

Vulnerable Configurations

cpe:2.3:o:radware:alteon_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:radware:alteon_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:radware:alteon:-:*:*:*:*:*:*:*
cpe:2.3:h:radware:alteon:-:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-203

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:N/A:N

refmap via4

bid	102199
cert-vn	VU#144389
confirm	https://support.radware.com/app/answers/answer_view/a_id/1010361/~/cve-2017-17427-adaptive-chosen-ciphertext-attack-vulnerability
misc	https://robotattack.org/

Last major update

03-10-2019 - 00:03

Published

13-12-2017 - 16:29

Last modified

03-10-2019 - 00:03