1 results (0.012 seconds)

CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0

Radware devices use the same value for the first two GCM nonces, which allows remote attackers to obtain the authentication key and spoof data via a "forbidden attack," a similar issue to CVE-2016-0270. NOTE: this issue may be due to the use of a third-party Cavium product. Dispositivos Radware utilizan el mismo valor para los dos primeros GCM nonces, lo que permite a atacantes remotos obtener la clave de autenticación y suplantar data a través de un "ataque prohibido", un problema similar a CVE-2016-0270. NOTA: este problema puede deberse al uso de un producto Cavium de terceros. • http://www.securityfocus.com/bid/96172 https://github.com/nonce-disrespect/nonce-disrespect https://support.radware.com/app/answers/answer_view/a_id/18456 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •