CVE-2017-9371
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation.
En BlackBerry QNX Software Development Platform (SDP) 6.6.0 y 6.5.0 SP1 y anteriores, una vulnerabilidad de pérdida de integridad en la configuración por defecto de la plataforma QNX SDP podría permitir que un atacante sea capaz de reducir la entropía del PRNG, haciendo que otros ataques combinados sean más prácticos mediante la obtención del control sobre factores del entorno que influyen en la generación de semillas.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-06-02 CVE Reserved
- 2017-11-14 CVE Published
- 2024-07-27 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-332: Insufficient Entropy in PRNG
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000046674 | 2017-11-30 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Blackberry Search vendor "Blackberry" | Qnx Software Development Platform Search vendor "Blackberry" for product "Qnx Software Development Platform" | 6.5.0 Search vendor "Blackberry" for product "Qnx Software Development Platform" and version "6.5.0" | - |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Software Development Platform Search vendor "Blackberry" for product "Qnx Software Development Platform" | 6.5.0 Search vendor "Blackberry" for product "Qnx Software Development Platform" and version "6.5.0" | sp1 |
Affected
| ||||||
Blackberry Search vendor "Blackberry" | Qnx Software Development Platform Search vendor "Blackberry" for product "Qnx Software Development Platform" | 6.6.0 Search vendor "Blackberry" for product "Qnx Software Development Platform" and version "6.6.0" | - |
Affected
|