6.5
CVE-2017-10669
- EPSS 0.13%
- Published 30.06.2017 12:29:00
- Last modified 20.04.2025 01:37:25
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker with access to unencrypted OSCI protocol messages must send crafted protocol messages with duplicate IDs.
Data is provided by the National Vulnerability Database (NVD)
Xoev ≫ Osci Transport Library Version1.6 SwEdition.net
Xoev ≫ Osci Transport Library Version1.6.1 SwEditionjava
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.293 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 3.9 | 2.5 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
|
| nvd@nist.gov | 6.4 | 10 | 4.9 |
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
CWE-347 Improper Verification of Cryptographic Signature
The product does not verify, or incorrectly verifies, the cryptographic signature for data.