CVE-2017-17427

EPSS 76.6%
Veröffentlicht 13.12.2017 16:29:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Radware ≫ Alteon Firmware Version >= 31.0.0.0 <= 31.0.3.0

Radware ≫ Alteon Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	76.6%	0.989

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

https://robotattack.org/

Technical Description

https://www.kb.cert.org/vuls/id/144389

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/102199

Third Party Advisory

VDB Entry

https://support.radware.com/app/answers/answer_view/a_id/1010361/~/cve-2017-17427-adaptive-chosen-ciphertext-attack-vulnerability

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2017-17427

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-17427

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-17427

EUVD