Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
4 vulnerabilities by cavium
VAR-201607-0468
Vulnerability from variot - Updated: 2023-12-18 12:57The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. GNU Libgcrypt is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information or impersonate trusted servers. Successful exploits will lead to other attacks. Cavium Development Kits (CDK) is a set of development kits from Cavium Corporation in the United States. Cavium Software Development Kit (SDK) is one of the software development kits. There are security vulnerabilities in the RSA-CRT implementation process in Cavium SDK version 2.x
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201607-0468",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "traffix signaling delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "4.0.0"
},
{
"model": "traffix signaling delivery controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "4.4.0"
},
{
"model": "traffix signaling delivery controller",
"scope": "gte",
"trust": 1.0,
"vendor": "f5",
"version": "3.3.2"
},
{
"model": "traffix signaling delivery controller",
"scope": "lte",
"trust": 1.0,
"vendor": "f5",
"version": "3.5.1"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 1.0,
"vendor": "marvell",
"version": "2.0"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.8,
"vendor": "cavium",
"version": "2.x"
},
{
"model": "octeon ii cn6860",
"scope": null,
"trust": 0.8,
"vendor": "cavium",
"version": null
},
{
"model": "octeon ii cn6870",
"scope": null,
"trust": 0.8,
"vendor": "cavium",
"version": null
},
{
"model": "octeon ii cn6880",
"scope": null,
"trust": 0.8,
"vendor": "cavium",
"version": null
},
{
"model": "fortios",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.0.13"
},
{
"model": "fortios",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.2.6"
},
{
"model": "fortios",
"scope": "lt",
"trust": 0.8,
"vendor": "fortinet",
"version": "5.4.0"
},
{
"model": "software development kit",
"scope": "eq",
"trust": 0.6,
"vendor": "cavium",
"version": "2.0"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"db": "NVD",
"id": "CVE-2015-5738"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:marvell:software_development_kit:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:marvell:octeon_ii_cn6000:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:marvell:octeon_ii_cn6010:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:marvell:octeon_ii_cn6020:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.4.0",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.5.1",
"versionStartIncluding": "3.3.2",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5738"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "76704"
}
],
"trust": 0.3
},
"cve": "CVE-2015-5738",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2015-5738",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-83699",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-5738",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2015-5738",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2015-5738",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201509-430",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-83699",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2015-5738",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83699"
},
{
"db": "VULMON",
"id": "CVE-2015-5738"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"db": "NVD",
"id": "CVE-2015-5738"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. GNU Libgcrypt is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to obtain sensitive information or impersonate trusted servers. Successful exploits will lead to other attacks. Cavium Development Kits (CDK) is a set of development kits from Cavium Corporation in the United States. Cavium Software Development Kit (SDK) is one of the software development kits. There are security vulnerabilities in the RSA-CRT implementation process in Cavium SDK version 2.x",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-5738"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"db": "BID",
"id": "76704"
},
{
"db": "VULHUB",
"id": "VHN-83699"
},
{
"db": "VULMON",
"id": "CVE-2015-5738"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-5738",
"trust": 2.9
},
{
"db": "BID",
"id": "76704",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007219",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201509-430",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-83699",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2015-5738",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83699"
},
{
"db": "VULMON",
"id": "CVE-2015-5738"
},
{
"db": "BID",
"id": "76704"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"db": "NVD",
"id": "CVE-2015-5738"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
]
},
"id": "VAR-201607-0468",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-83699"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:57:37.054000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "OCTEON II CN68XX",
"trust": 0.8,
"url": "http://www.cavium.com/table.html#octeonii"
},
{
"title": "RSA-CRT key leak under certain conditions",
"trust": 0.8,
"url": "http://fortiguard.com/advisory/rsa-crt-key-leak-under-certain-conditions"
},
{
"title": "Factoring RSA Keys With TLS Perfect Forward Secrecy",
"trust": 0.8,
"url": "https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf"
},
{
"title": "SOL91245485",
"trust": 0.8,
"url": "https://support.f5.com/kb/en-us/solutions/public/k/91/sol91245485.html"
},
{
"title": "CVE-Study",
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2015-5738"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83699"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"db": "NVD",
"id": "CVE-2015-5738"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://fortiguard.com/advisory/rsa-crt-key-leak-under-certain-conditions"
},
{
"trust": 1.8,
"url": "https://support.f5.com/kb/en-us/solutions/public/k/91/sol91245485.html"
},
{
"trust": 1.8,
"url": "https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5738"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5738"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/76704"
},
{
"trust": 0.3,
"url": "https://www.gnu.org/software/libgcrypt/"
},
{
"trust": 0.3,
"url": "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=b85c8d6645039fc9d403791750510e439731d479"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2015/q3/522"
},
{
"trust": 0.3,
"url": "http://arstechnica.com/security/2015/09/serious-bug-causes-quite-a-few-https-sites-to-reveal-their-private-keys/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/thdusdl1219/cve-study"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-83699"
},
{
"db": "VULMON",
"id": "CVE-2015-5738"
},
{
"db": "BID",
"id": "76704"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"db": "NVD",
"id": "CVE-2015-5738"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-83699"
},
{
"db": "VULMON",
"id": "CVE-2015-5738"
},
{
"db": "BID",
"id": "76704"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"db": "NVD",
"id": "CVE-2015-5738"
},
{
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-26T00:00:00",
"db": "VULHUB",
"id": "VHN-83699"
},
{
"date": "2016-07-26T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5738"
},
{
"date": "2015-09-08T00:00:00",
"db": "BID",
"id": "76704"
},
{
"date": "2016-08-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"date": "2016-07-26T17:59:00.137000",
"db": "NVD",
"id": "CVE-2015-5738"
},
{
"date": "2015-09-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-02T00:00:00",
"db": "VULHUB",
"id": "VHN-83699"
},
{
"date": "2023-08-16T00:00:00",
"db": "VULMON",
"id": "CVE-2015-5738"
},
{
"date": "2016-07-06T14:42:00",
"db": "BID",
"id": "76704"
},
{
"date": "2016-08-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-007219"
},
{
"date": "2023-08-16T14:17:11.363000",
"db": "NVD",
"id": "CVE-2015-5738"
},
{
"date": "2016-07-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cavium Software Development Kit of RSA-CRT In the implementation of RSA Vulnerability to obtain a private key",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-007219"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201509-430"
}
],
"trust": 0.6
}
}
VAR-201803-0191
Vulnerability from variot - Updated: 2023-12-18 11:01Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as a "ROBOT attack". The CiscoASA family of security appliances protects corporate networks of all sizes. It allows users to use any device, anytime, anywhere for highly secure data access. The Cisco Application Control Engine Module (ACE) family of products for the Cisco Catalyst\302\256 6500 delivers the highest levels of application infrastructure control, application performance, application security, and infrastructure simplicity. The Cisco Next-Generation Firewall ASA and the Cisco Application Control Engine ACE have information disclosure vulnerabilities that allow attackers to exploit man-in-the-middle attacks and obtain sensitive information. A successful attack can help to implement further attacks. Multiple Cisco Products are prone to multiple information-disclosure vulnerabilities. These issues are being tracked by Cisco Bug ID's CSCvg74693 and CSCvg97652. Cavium Nitrox SSL is a security processor for Nitrox. Nitrox V SSL SSL is a security processor for Nitrox V SSL. TurboSSL software development kits (SDKs) are a set of software development kits. A remote attacker could exploit this vulnerability by sending a specially crafted TLS message to the device to decrypt TLS ciphertext data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201803-0191",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ace series application control engine appliances 3.0 a5",
"scope": "eq",
"trust": 2.7,
"vendor": "cisco",
"version": "4700"
},
{
"model": "ace4710 application control engine",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.0\\(0\\)a5\\(3.0\\)"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.0\\(0\\)a5\\(3.0\\)"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.0\\(0\\)a5\\(2.0\\)"
},
{
"model": "ace4710 application control engine",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.0\\(0\\)a5\\(3.5\\)"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.0\\(0\\)a5\\(3.5\\)"
},
{
"model": "adaptive security appliance 5520",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.1\\(7.16\\)"
},
{
"model": "adaptive security appliance 5540",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.1\\(7.16\\)"
},
{
"model": "ace30 application control engine module",
"scope": null,
"trust": 1.4,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance 5505",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1\\(7.16\\)"
},
{
"model": "ace4710 application control engine",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "3.0\\(0\\)a5\\(2.0\\)"
},
{
"model": "webex meetings",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "t31"
},
{
"model": "adaptive security appliance 5510",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1\\(7.16\\)"
},
{
"model": "nitrox ssl sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "cavium",
"version": "6.1.0"
},
{
"model": "webex meetings",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "t32"
},
{
"model": "turbossl sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "cavium",
"version": "1.0"
},
{
"model": "adaptive security appliance 5550",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.1\\(7.16\\)"
},
{
"model": "nitrox v ssl sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "cavium",
"version": "1.2"
},
{
"model": "octeon sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "cavium",
"version": "1.7.2"
},
{
"model": "webex conect im",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "7.24.1"
},
{
"model": "octeon ssl sdk",
"scope": "lte",
"trust": 1.0,
"vendor": "cavium",
"version": "1.5.0"
},
{
"model": "asa series firewalls",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "5500-x9.1(7.16)"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "erlang",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "legion of the bouncy castle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "matrixssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "micro focus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wolfssl",
"version": null
},
{
"model": "nitrox ssl sdk",
"scope": null,
"trust": 0.8,
"vendor": "cavium",
"version": null
},
{
"model": "nitrox v ssl sdk",
"scope": null,
"trust": 0.8,
"vendor": "cavium",
"version": null
},
{
"model": "octeon sdk",
"scope": null,
"trust": 0.8,
"vendor": "cavium",
"version": null
},
{
"model": "octeon ssl sdk",
"scope": null,
"trust": 0.8,
"vendor": "cavium",
"version": null
},
{
"model": "turbossl sdk",
"scope": null,
"trust": 0.8,
"vendor": "cavium",
"version": null
},
{
"model": "ace 4710 application control engine",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance 5505",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance 5510",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance 5520",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance 5540",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance 5550",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "webex connect im",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "asa series adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5540"
},
{
"model": "asa series adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5520"
},
{
"model": "asa series adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5510"
},
{
"model": "asa series adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5505"
},
{
"model": "adaptive security appliance series",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5500-x"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4710"
},
{
"model": "asa series adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "55400"
},
{
"model": "asa series adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "55200"
},
{
"model": "asa series adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "55100"
},
{
"model": "asa series adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "55050"
},
{
"model": "adaptive security appliance series",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5500-x0"
},
{
"model": "ace30 application control engine module",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47100"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"db": "BID",
"id": "102170"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"db": "NVD",
"id": "CVE-2017-17428"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cavium:octeon_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cavium:nitrox_v_ssl_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cavium:nitrox_ssl_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cavium:octeon_ssl_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cavium:turbossl_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_conect_im:7.24.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(3.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(3.5\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(2.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ace_4710_application_control_engine:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(3.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(3.5\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(2.0\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:ace30_application_control_engine_module:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_5520_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:adaptive_security_appliance_5520:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_5540_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:adaptive_security_appliance_5540:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_5550_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:adaptive_security_appliance_5550:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_5510_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:adaptive_security_appliance_5510:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_5505_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:adaptive_security_appliance_5505:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17428"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "and Craig Young of Tripwire VERT.,Hanno B??ck, Juraj Somorovsky of Ruhr-Universit?\u00a4t Bochum/Hackmanit GmbH",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
],
"trust": 0.6
},
"cve": "CVE-2017-17428",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.1,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2017-17428",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-37270",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-108449",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-17428",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-17428",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-37270",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-577",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108449",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"db": "VULHUB",
"id": "VHN-108449"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"db": "NVD",
"id": "CVE-2017-17428"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as a \"ROBOT attack\". The CiscoASA family of security appliances protects corporate networks of all sizes. It allows users to use any device, anytime, anywhere for highly secure data access. The Cisco Application Control Engine Module (ACE) family of products for the Cisco Catalyst\\302\\256 6500 delivers the highest levels of application infrastructure control, application performance, application security, and infrastructure simplicity. The Cisco Next-Generation Firewall ASA and the Cisco Application Control Engine ACE have information disclosure vulnerabilities that allow attackers to exploit man-in-the-middle attacks and obtain sensitive information. A successful attack can help to implement further attacks. Multiple Cisco Products are prone to multiple information-disclosure vulnerabilities. \nThese issues are being tracked by Cisco Bug ID\u0027s CSCvg74693 and CSCvg97652. Cavium Nitrox SSL is a security processor for Nitrox. Nitrox V SSL SSL is a security processor for Nitrox V SSL. TurboSSL software development kits (SDKs) are a set of software development kits. A remote attacker could exploit this vulnerability by sending a specially crafted TLS message to the device to decrypt TLS ciphertext data",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17428"
},
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"db": "BID",
"id": "102170"
},
{
"db": "VULHUB",
"id": "VHN-108449"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#144389",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2017-17428",
"trust": 3.4
},
{
"db": "BID",
"id": "102170",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1039984",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU92438713",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-37270",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201712-577",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-108449",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"db": "VULHUB",
"id": "VHN-108449"
},
{
"db": "BID",
"id": "102170"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"db": "NVD",
"id": "CVE-2017-17428"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
]
},
"id": "VAR-201803-0191",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"db": "VULHUB",
"id": "VHN-108449"
}
],
"trust": 1.2275894433333332
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37270"
}
]
},
"last_update_date": "2023-12-18T11:01:45.129000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20171212-bleichenbacher",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171212-bleichenbacher"
},
{
"title": "CVE-2017-17428",
"trust": 0.8,
"url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
},
{
"title": "Patch for Cisco Multiple Product Information Disclosure Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/110837"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-327",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108449"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"db": "NVD",
"id": "CVE-2017-17428"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171212-bleichenbacher"
},
{
"trust": 2.8,
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/102170"
},
{
"trust": 1.7,
"url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039984"
},
{
"trust": 0.8,
"url": "https://robotattack.org"
},
{
"trust": 0.8,
"url": "https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-meyer.pdf"
},
{
"trust": 0.8,
"url": "http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf"
},
{
"trust": 0.8,
"url": "https://www.cert.org/historical/advisories/ca-1998-07.cfm"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc5246#section-7.4.7.1"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/203.html"
},
{
"trust": 0.8,
"url": "https://support.citrix.com/article/ctx230238"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k21905460"
},
{
"trust": 0.8,
"url": "https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c"
},
{
"trust": 0.8,
"url": "https://github.com/matrixssl/matrixssl/blob/master/doc/changes.md"
},
{
"trust": 0.8,
"url": "https://support.microfocus.com/kb/doc.php?id=7022561"
},
{
"trust": 0.8,
"url": "https://github.com/wolfssl/wolfssl/pull/1229"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-85268"
},
{
"trust": 0.8,
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17428"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu92438713"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17428"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"db": "VULHUB",
"id": "VHN-108449"
},
{
"db": "BID",
"id": "102170"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"db": "NVD",
"id": "CVE-2017-17428"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"db": "VULHUB",
"id": "VHN-108449"
},
{
"db": "BID",
"id": "102170"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"db": "NVD",
"id": "CVE-2017-17428"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-12T00:00:00",
"db": "CERT/CC",
"id": "VU#144389"
},
{
"date": "2017-12-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"date": "2018-03-05T00:00:00",
"db": "VULHUB",
"id": "VHN-108449"
},
{
"date": "2017-12-12T00:00:00",
"db": "BID",
"id": "102170"
},
{
"date": "2018-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"date": "2018-03-05T18:29:00.237000",
"db": "NVD",
"id": "CVE-2017-17428"
},
{
"date": "2017-12-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-09T00:00:00",
"db": "CERT/CC",
"id": "VU#144389"
},
{
"date": "2017-12-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-37270"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-108449"
},
{
"date": "2017-12-19T21:01:00",
"db": "BID",
"id": "102170"
},
{
"date": "2018-04-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-012893"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-17428"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding",
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-577"
}
],
"trust": 0.6
}
}
CVE-2017-17428 (GCVE-0-2017-17428)
Vulnerability from cvelistv5 – Published: 2018-03-05 18:00 – Updated: 2024-08-05 20:51- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/102170 | vdb-entryx_refsource_BID |
| https://www.cavium.com/security-advisory-cve-2017… | x_refsource_CONFIRM |
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id/1039984 | vdb-entryx_refsource_SECTRACK |
| https://www.kb.cert.org/vuls/id/144389 | third-party-advisoryx_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102170",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102170"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
},
{
"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
},
{
"name": "1039984",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039984"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-12-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-05T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "102170",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102170"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
},
{
"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
},
{
"name": "1039984",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039984"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102170"
},
{
"name": "https://www.cavium.com/security-advisory-cve-2017-17428.html",
"refsource": "CONFIRM",
"url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
},
{
"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
},
{
"name": "1039984",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039984"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/144389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17428",
"datePublished": "2018-03-05T18:00:00.000Z",
"dateReserved": "2017-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T20:51:31.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17428 (GCVE-0-2017-17428)
Vulnerability from nvd – Published: 2018-03-05 18:00 – Updated: 2024-08-05 20:51- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/102170 | vdb-entryx_refsource_BID |
| https://www.cavium.com/security-advisory-cve-2017… | x_refsource_CONFIRM |
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id/1039984 | vdb-entryx_refsource_SECTRACK |
| https://www.kb.cert.org/vuls/id/144389 | third-party-advisoryx_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102170",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102170"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
},
{
"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
},
{
"name": "1039984",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039984"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-12-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-05T17:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "102170",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102170"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
},
{
"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
},
{
"name": "1039984",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039984"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-17428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102170"
},
{
"name": "https://www.cavium.com/security-advisory-cve-2017-17428.html",
"refsource": "CONFIRM",
"url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
},
{
"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
},
{
"name": "1039984",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039984"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/144389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-17428",
"datePublished": "2018-03-05T18:00:00.000Z",
"dateReserved": "2017-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-05T20:51:31.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}