CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2017-17427
https://notcve.org/view.php?id=CVE-2017-17427
13 Dec 2017 — Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations. Los dispositivos Radware Alteon con versiones de firmware entre 31.0.0.0-31.0.3.0 son vulnerables a un ataque de texto cifrado elegido adaptativo, también conocido como "ataque Bleichenbacher". Esto permite que un at... • http://www.securityfocus.com/bid/102199 • CWE-203: Observable Discrepancy •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2016-10212
https://notcve.org/view.php?id=CVE-2016-10212
08 Feb 2017 — Radware devices use the same value for the first two GCM nonces, which allows remote attackers to obtain the authentication key and spoof data via a "forbidden attack," a similar issue to CVE-2016-0270. NOTE: this issue may be due to the use of a third-party Cavium product. Dispositivos Radware utilizan el mismo valor para los dos primeros GCM nonces, lo que permite a atacantes remotos obtener la clave de autenticación y suplantar data a través de un "ataque prohibido", un problema similar a CVE-2016-0270. ... • http://www.securityfocus.com/bid/96172 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2009-2301
https://notcve.org/view.php?id=CVE-2009-2301
02 Jul 2009 — The radware AppWall Web Application Firewall (WAF) 1.0.2.6, with Gateway 4.6.0.2, allows remote attackers to read source code via a direct request to (1) funcs.inc, (2) defines.inc, or (3) msg.inc in Management/. El radware AppWall Web Application Firewall (WAF) v1.0.2.6, con Gateway v4.6.0.2, permite a los atacantes remotos leer código fuente a través de una petición directa a (1) funcs.inc, (2) defines.inc, o (3) msg.inc en Management/. • http://www.securityfocus.com/archive/1/504682/100/0/threaded • CWE-20: Improper Input Validation •