CVE-2017-17427

EPSS 76.6%
Published 13.12.2017 16:29:00
Last modified 20.04.2025 01:37:25
Source cve@mitre.org
Teams watchlist Login
Open Login

Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations.

Affected products Warnungen 0 Metrics 3 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Radware ≫ Alteon Firmware Version >= 31.0.0.0 <= 31.0.3.0

Radware ≫ Alteon Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	76.6%	0.989

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

https://robotattack.org/

Technical Description

https://www.kb.cert.org/vuls/id/144389

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/102199

Third Party Advisory

VDB Entry

https://support.radware.com/app/answers/answer_view/a_id/1010361/~/cve-2017-17427-adaptive-chosen-ciphertext-attack-vulnerability

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2017-17427

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-17427

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-17427

EUVD