// For flags

CVE-2017-17428

 

Severity Score

5.9
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

Los SDK (software development kit) de Cavium Nitrox SSL, Nitrox V SSL y TurboSSL permiten que atacantes remotos descifren datos TLS cifrados aprovechando un oráculo de relleno RSA Bleichenbacher. Esto también se conoce como ataque ROBOT.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-12-05 CVE Reserved
  • 2018-03-05 CVE Published
  • 2023-09-05 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-327: Use of a Broken or Risky Cryptographic Algorithm
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Ace4710 Application Control Engine Firmware
Search vendor "Cisco" for product "Ace4710 Application Control Engine Firmware"
3.0\(0\)a5\(2.0\)
Search vendor "Cisco" for product "Ace4710 Application Control Engine Firmware" and version "3.0\(0\)a5\(2.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Ace 4710 Application Control Engine
Search vendor "Cisco" for product "Ace 4710 Application Control Engine"
--
Safe
Cisco
Search vendor "Cisco"
Ace4710 Application Control Engine Firmware
Search vendor "Cisco" for product "Ace4710 Application Control Engine Firmware"
3.0\(0\)a5\(3.0\)
Search vendor "Cisco" for product "Ace4710 Application Control Engine Firmware" and version "3.0\(0\)a5\(3.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Ace 4710 Application Control Engine
Search vendor "Cisco" for product "Ace 4710 Application Control Engine"
--
Safe
Cisco
Search vendor "Cisco"
Ace4710 Application Control Engine Firmware
Search vendor "Cisco" for product "Ace4710 Application Control Engine Firmware"
3.0\(0\)a5\(3.5\)
Search vendor "Cisco" for product "Ace4710 Application Control Engine Firmware" and version "3.0\(0\)a5\(3.5\)"
-
Affected
in Cisco
Search vendor "Cisco"
Ace 4710 Application Control Engine
Search vendor "Cisco" for product "Ace 4710 Application Control Engine"
--
Safe
Cisco
Search vendor "Cisco"
Ace30 Application Control Engine Module Firmware
Search vendor "Cisco" for product "Ace30 Application Control Engine Module Firmware"
3.0\(0\)a5\(2.0\)
Search vendor "Cisco" for product "Ace30 Application Control Engine Module Firmware" and version "3.0\(0\)a5\(2.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Ace30 Application Control Engine Module
Search vendor "Cisco" for product "Ace30 Application Control Engine Module"
--
Safe
Cisco
Search vendor "Cisco"
Ace30 Application Control Engine Module Firmware
Search vendor "Cisco" for product "Ace30 Application Control Engine Module Firmware"
3.0\(0\)a5\(3.0\)
Search vendor "Cisco" for product "Ace30 Application Control Engine Module Firmware" and version "3.0\(0\)a5\(3.0\)"
-
Affected
in Cisco
Search vendor "Cisco"
Ace30 Application Control Engine Module
Search vendor "Cisco" for product "Ace30 Application Control Engine Module"
--
Safe
Cisco
Search vendor "Cisco"
Ace30 Application Control Engine Module Firmware
Search vendor "Cisco" for product "Ace30 Application Control Engine Module Firmware"
3.0\(0\)a5\(3.5\)
Search vendor "Cisco" for product "Ace30 Application Control Engine Module Firmware" and version "3.0\(0\)a5\(3.5\)"
-
Affected
in Cisco
Search vendor "Cisco"
Ace30 Application Control Engine Module
Search vendor "Cisco" for product "Ace30 Application Control Engine Module"
--
Safe
Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5520 Firmware
Search vendor "Cisco" for product "Adaptive Security Appliance 5520 Firmware"
9.1\(7.16\)
Search vendor "Cisco" for product "Adaptive Security Appliance 5520 Firmware" and version "9.1\(7.16\)"
-
Affected
in Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5520
Search vendor "Cisco" for product "Adaptive Security Appliance 5520"
--
Safe
Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5540 Firmware
Search vendor "Cisco" for product "Adaptive Security Appliance 5540 Firmware"
9.1\(7.16\)
Search vendor "Cisco" for product "Adaptive Security Appliance 5540 Firmware" and version "9.1\(7.16\)"
-
Affected
in Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5540
Search vendor "Cisco" for product "Adaptive Security Appliance 5540"
--
Safe
Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5550 Firmware
Search vendor "Cisco" for product "Adaptive Security Appliance 5550 Firmware"
9.1\(7.16\)
Search vendor "Cisco" for product "Adaptive Security Appliance 5550 Firmware" and version "9.1\(7.16\)"
-
Affected
in Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5550
Search vendor "Cisco" for product "Adaptive Security Appliance 5550"
--
Safe
Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5510 Firmware
Search vendor "Cisco" for product "Adaptive Security Appliance 5510 Firmware"
9.1\(7.16\)
Search vendor "Cisco" for product "Adaptive Security Appliance 5510 Firmware" and version "9.1\(7.16\)"
-
Affected
in Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5510
Search vendor "Cisco" for product "Adaptive Security Appliance 5510"
--
Safe
Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5505 Firmware
Search vendor "Cisco" for product "Adaptive Security Appliance 5505 Firmware"
9.1\(7.16\)
Search vendor "Cisco" for product "Adaptive Security Appliance 5505 Firmware" and version "9.1\(7.16\)"
-
Affected
in Cisco
Search vendor "Cisco"
Adaptive Security Appliance 5505
Search vendor "Cisco" for product "Adaptive Security Appliance 5505"
--
Safe
Cavium
Search vendor "Cavium"
Nitrox Ssl Sdk
Search vendor "Cavium" for product "Nitrox Ssl Sdk"
<= 6.1.0
Search vendor "Cavium" for product "Nitrox Ssl Sdk" and version " <= 6.1.0"
-
Affected
Cavium
Search vendor "Cavium"
Nitrox V Ssl Sdk
Search vendor "Cavium" for product "Nitrox V Ssl Sdk"
<= 1.2
Search vendor "Cavium" for product "Nitrox V Ssl Sdk" and version " <= 1.2"
-
Affected
Cavium
Search vendor "Cavium"
Octeon Sdk
Search vendor "Cavium" for product "Octeon Sdk"
<= 1.7.2
Search vendor "Cavium" for product "Octeon Sdk" and version " <= 1.7.2"
-
Affected
Cavium
Search vendor "Cavium"
Octeon Ssl Sdk
Search vendor "Cavium" for product "Octeon Ssl Sdk"
<= 1.5.0
Search vendor "Cavium" for product "Octeon Ssl Sdk" and version " <= 1.5.0"
-
Affected
Cavium
Search vendor "Cavium"
Turbossl Sdk
Search vendor "Cavium" for product "Turbossl Sdk"
<= 1.0
Search vendor "Cavium" for product "Turbossl Sdk" and version " <= 1.0"
-
Affected
Cisco
Search vendor "Cisco"
Webex Conect Im
Search vendor "Cisco" for product "Webex Conect Im"
7.24.1
Search vendor "Cisco" for product "Webex Conect Im" and version "7.24.1"
-
Affected
Cisco
Search vendor "Cisco"
Webex Meetings
Search vendor "Cisco" for product "Webex Meetings"
t31
Search vendor "Cisco" for product "Webex Meetings" and version "t31"
-
Affected
Cisco
Search vendor "Cisco"
Webex Meetings
Search vendor "Cisco" for product "Webex Meetings"
t32
Search vendor "Cisco" for product "Webex Meetings" and version "t32"
-
Affected