CVE-2017-6284

EPSS 0.01%
Veröffentlicht 06.03.2018 16:29:00
Zuletzt bearbeitet 21.11.2024 03:29:27
Quelle psirt@nvidia.com
CVE-Watchlists
Login
Unerledigt
Login

NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 2 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nvidia ≫ Shield Tv Firmware Version <= 6.2

Nvidia ≫ Shield Tv Version-

Google ≫ Android Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.003

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

CWE-326 Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

https://nvidia.custhelp.com/app/answers/detail/a_id/4787

http://nvidia.custhelp.com/app/answers/detail/a_id/4631

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-6284

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-6284

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-6284

EUVD