CVE-2017-17428 - Vulnerability Details

Vendors	Products
Cavium	Nitrox Ssl Sdk Nitrox V Ssl Sdk Octeon Sdk Octeon Ssl Sdk Turbossl Sdk
Cisco	Ace30 Application Control Engine Module Ace30 Application Control Engine Module Firmware Ace4710 Application Control Engine Firmware Ace 4710 Application Control Engine Adaptive Security Appliance 5505 Adaptive Security Appliance 5505 Firmware Adaptive Security Appliance 5510 Adaptive Security Appliance 5510 Firmware Adaptive Security Appliance 5520 Adaptive Security Appliance 5520 Firmware Adaptive Security Appliance 5540 Adaptive Security Appliance 5540 Firmware Adaptive Security Appliance 5550 Adaptive Security Appliance 5550 Firmware Webex Conect Im Webex Meetings

Link	Providers
http://www.securityfocus.com/bid/102170
http://www.securitytracker.com/id/1039984
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
https://www.cavium.com/security-advisory-cve-2017-17428.html
https://www.kb.cert.org/vuls/id/144389

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-12-12T00:00:00", "descriptions": [{"lang": "en", "value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-05T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "102170", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/102170"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"}, {"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"}, {"name": "1039984", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039984"}, {"name": "VU#144389", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "https://www.kb.cert.org/vuls/id/144389"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-17428", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "102170", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102170"}, {"name": "https://www.cavium.com/security-advisory-cve-2017-17428.html", "refsource": "CONFIRM", "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"}, {"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"}, {"name": "1039984", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039984"}, {"name": "VU#144389", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/144389"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T20:51:31.376Z"}, "title": "CVE Program Container", "references": [{"name": "102170", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/102170"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"}, {"name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"}, {"name": "1039984", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039984"}, {"name": "VU#144389", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "https://www.kb.cert.org/vuls/id/144389"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-17428", "datePublished": "2018-03-05T18:00:00", "dateReserved": "2017-12-05T00:00:00", "dateUpdated": "2024-08-05T20:51:31.376Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2017-12-12T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-03-05T17:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : 102170 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/102170 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://www.cavium.com/security-advisory-cve-2017-17428.html (string)

}

2 : { »

name : 20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher (string)

}

3 : { »

name : 1039984 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1039984 (string)

}

4 : { »

name : VU#144389 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT-VN (string)

]

url : https://www.kb.cert.org/vuls/id/144389 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2017-17428 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 102170 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/102170 (string)

}

1 : { »

name : https://www.cavium.com/security-advisory-cve-2017-17428.html (string)

refsource : CONFIRM (string)

url : https://www.cavium.com/security-advisory-cve-2017-17428.html (string)

}

2 : { »

name : 20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017 (string)

refsource : CISCO (string)

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher (string)

}

3 : { »

name : 1039984 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1039984 (string)

}

4 : { »

name : VU#144389 (string)

refsource : CERT-VN (string)

url : https://www.kb.cert.org/vuls/id/144389 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T20:51:31.376Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 102170 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/102170 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://www.cavium.com/security-advisory-cve-2017-17428.html (string)

}

2 : { »

name : 20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher (string)

}

3 : { »

name : 1039984 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1039984 (string)

}

4 : { »

name : VU#144389 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT-VN (string)

2 : x_transferred (string)

]

url : https://www.kb.cert.org/vuls/id/144389 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2017-17428 (string)

datePublished : 2018-03-05T18:00:00 (string)

dateReserved : 2017-12-05T00:00:00 (string)

dateUpdated : 2024-08-05T20:51:31.376Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cavium:nitrox_ssl_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "A8DF06BB-1F8B-4A8B-BA66-028AFF9FA36E", "versionEndIncluding": "6.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cavium:nitrox_v_ssl_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "274D753A-E022-4E41-9114-0B26A472BB63", "versionEndIncluding": "1.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cavium:octeon_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "7529F21A-0F87-421A-9D96-9B21A11F77D3", "versionEndIncluding": "1.7.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cavium:octeon_ssl_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "5ACC7912-4FF4-49FE-B5D8-6CEAEFC25DA4", "versionEndIncluding": "1.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cavium:turbossl_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3B94D6A-7AC9-48B6-9A7C-7C8D23F3AFCB", "versionEndIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:webex_conect_im:7.24.1:*:*:*:*:*:*:*", "matchCriteriaId": "0143CB5D-07F4-4BC3-85C4-5A1A5F10D255", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:webex_meetings:t31:*:*:*:*:*:*:*", "matchCriteriaId": "C2CD55EC-37E6-4E00-97CA-CBCA430AA711", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:webex_meetings:t32:*:*:*:*:*:*:*", "matchCriteriaId": "E7D55BE2-8399-4B10-9430-BEB0036800C4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(2.0\\):*:*:*:*:*:*:*", "matchCriteriaId": "24BD18A8-AEAD-459A-9E16-3790BE6543D8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(3.0\\):*:*:*:*:*:*:*", "matchCriteriaId": "DD10B359-AB2A-41A6-96D2-C904F705DE7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(3.5\\):*:*:*:*:*:*:*", "matchCriteriaId": "2D7F0F7C-295C-4565-B818-FF9FBAB36249", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ace_4710_application_control_engine:-:*:*:*:*:*:*:*", "matchCriteriaId": "94E8DDD6-4B63-4430-AF9C-2A9ABCC79E24", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(2.0\\):*:*:*:*:*:*:*", "matchCriteriaId": "60340950-50AD-47C2-B9CB-2D930D180EF8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(3.0\\):*:*:*:*:*:*:*", "matchCriteriaId": "2A4C206B-1375-41BE-8811-E334E7879A29", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(3.5\\):*:*:*:*:*:*:*", "matchCriteriaId": "2FF73E89-9C67-4A37-B9BC-EC9E17C0E0CB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:ace30_application_control_engine_module:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AD4CC24-D2B1-4DEB-85AE-393CDCDD24F4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5520_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*", "matchCriteriaId": "D4AA2A28-18CB-4C73-B52A-4DE306B55896", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5520:-:*:*:*:*:*:*:*", "matchCriteriaId": "35954D5D-F767-485F-94AB-0CD8B58F6352", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5540_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*", "matchCriteriaId": "337DC063-042E-43AF-810E-8598CCEB2FD6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5540:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CCBF299-D6F5-4D00-8616-9EDE7EAFAC28", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5550_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*", "matchCriteriaId": "07348020-F675-40B9-9477-914ADCB85991", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5550:-:*:*:*:*:*:*:*", "matchCriteriaId": "C24537C8-4F9C-4979-BB1A-466ADA6C3FF5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5510_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*", "matchCriteriaId": "21A7DCB5-936E-4039-B798-2B6EF5A148BB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5510:-:*:*:*:*:*:*:*", "matchCriteriaId": "4FF7123A-5538-48AF-BD7A-A0D7962CB10E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5505_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*", "matchCriteriaId": "71174C79-2DC1-4CE7-923D-2EF2D4362CAD", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5505:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AC84224-8B1A-4D92-9FBD-813F6C857A77", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."}, {"lang": "es", "value": "Los SDK (software development kit) de Cavium Nitrox SSL, Nitrox V SSL y TurboSSL permiten que atacantes remotos descifren datos TLS cifrados aprovechando un or\u00e1culo de relleno RSA Bleichenbacher. Esto tambi\u00e9n se conoce como ataque ROBOT."}], "id": "CVE-2017-17428", "lastModified": "2024-11-21T03:17:55.180", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-05T18:29:00.237", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102170"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039984"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/144389"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102170"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039984"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.kb.cert.org/vuls/id/144389"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-327"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cavium:nitrox_ssl_sdk:*:*:*:*:*:*:*:* (string)

matchCriteriaId : A8DF06BB-1F8B-4A8B-BA66-028AFF9FA36E (string)

versionEndIncluding : 6.1.0 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cavium:nitrox_v_ssl_sdk:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 274D753A-E022-4E41-9114-0B26A472BB63 (string)

versionEndIncluding : 1.2 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cavium:octeon_sdk:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7529F21A-0F87-421A-9D96-9B21A11F77D3 (string)

versionEndIncluding : 1.7.2 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cavium:octeon_ssl_sdk:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 5ACC7912-4FF4-49FE-B5D8-6CEAEFC25DA4 (string)

versionEndIncluding : 1.5.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cavium:turbossl_sdk:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E3B94D6A-7AC9-48B6-9A7C-7C8D23F3AFCB (string)

versionEndIncluding : 1.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:webex_conect_im:7.24.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 0143CB5D-07F4-4BC3-85C4-5A1A5F10D255 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:webex_meetings:t31:*:*:*:*:*:*:* (string)

matchCriteriaId : C2CD55EC-37E6-4E00-97CA-CBCA430AA711 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:webex_meetings:t32:*:*:*:*:*:*:* (string)

matchCriteriaId : E7D55BE2-8399-4B10-9430-BEB0036800C4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(2.0\):*:*:*:*:*:*:* (string)

matchCriteriaId : 24BD18A8-AEAD-459A-9E16-3790BE6543D8 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(3.0\):*:*:*:*:*:*:* (string)

matchCriteriaId : DD10B359-AB2A-41A6-96D2-C904F705DE7D (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(3.5\):*:*:*:*:*:*:* (string)

matchCriteriaId : 2D7F0F7C-295C-4565-B818-FF9FBAB36249 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:ace_4710_application_control_engine:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 94E8DDD6-4B63-4430-AF9C-2A9ABCC79E24 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(2.0\):*:*:*:*:*:*:* (string)

matchCriteriaId : 60340950-50AD-47C2-B9CB-2D930D180EF8 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(3.0\):*:*:*:*:*:*:* (string)

matchCriteriaId : 2A4C206B-1375-41BE-8811-E334E7879A29 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(3.5\):*:*:*:*:*:*:* (string)

matchCriteriaId : 2FF73E89-9C67-4A37-B9BC-EC9E17C0E0CB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:ace30_application_control_engine_module:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 9AD4CC24-D2B1-4DEB-85AE-393CDCDD24F4 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:adaptive_security_appliance_5520_firmware:9.1\(7.16\):*:*:*:*:*:*:* (string)

matchCriteriaId : D4AA2A28-18CB-4C73-B52A-4DE306B55896 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:adaptive_security_appliance_5520:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 35954D5D-F767-485F-94AB-0CD8B58F6352 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:adaptive_security_appliance_5540_firmware:9.1\(7.16\):*:*:*:*:*:*:* (string)

matchCriteriaId : 337DC063-042E-43AF-810E-8598CCEB2FD6 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:adaptive_security_appliance_5540:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4CCBF299-D6F5-4D00-8616-9EDE7EAFAC28 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

6 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:adaptive_security_appliance_5550_firmware:9.1\(7.16\):*:*:*:*:*:*:* (string)

matchCriteriaId : 07348020-F675-40B9-9477-914ADCB85991 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:adaptive_security_appliance_5550:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C24537C8-4F9C-4979-BB1A-466ADA6C3FF5 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

7 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:adaptive_security_appliance_5510_firmware:9.1\(7.16\):*:*:*:*:*:*:* (string)

matchCriteriaId : 21A7DCB5-936E-4039-B798-2B6EF5A148BB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:adaptive_security_appliance_5510:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 4FF7123A-5538-48AF-BD7A-A0D7962CB10E (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

8 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:cisco:adaptive_security_appliance_5505_firmware:9.1\(7.16\):*:*:*:*:*:*:* (string)

matchCriteriaId : 71174C79-2DC1-4CE7-923D-2EF2D4362CAD (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:adaptive_security_appliance_5505:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 5AC84224-8B1A-4D92-9FBD-813F6C857A77 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. (string)

}

1 : { »

lang : es (string)

value : Los SDK (software development kit) de Cavium Nitrox SSL, Nitrox V SSL y TurboSSL permiten que atacantes remotos descifren datos TLS cifrados aprovechando un oráculo de relleno RSA Bleichenbacher. Esto también se conoce como ataque ROBOT. (string)

}

]

id : CVE-2017-17428 (string)

lastModified : 2024-11-21T03:17:55.180 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 7.1 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:C/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 5.9 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 2.2 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2018-03-05T18:29:00.237 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/102170 (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id/1039984 (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.cavium.com/security-advisory-cve-2017-17428.html (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : https://www.kb.cert.org/vuls/id/144389 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/102170 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securitytracker.com/id/1039984 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://www.cavium.com/security-advisory-cve-2017-17428.html (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : https://www.kb.cert.org/vuls/id/144389 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-327 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object