Main Vulnerability Database Exploits ID:67 - Exploit for Information disclosure in Cavium products - CVE-2017-17428

ID:67 - Exploit for Information disclosure in Cavium products - CVE-2017-17428

Published: March 18, 2020

Vulnerability identifier: #VU11068

Vulnerability risk: Low

CVE-ID: CVE-2017-17428

CWE-ID: CWE-200

Exploitation vector: Remote access

Vulnerable software:
Nitrox SSL
Nitrox V SSL SDK
TurboSSL SDK
Cavium SDK

Link to public exploit:

https://www.rapid7.com/db/modules/auxiliary/scanner/ssl/bleichenbacher_oracle

Vulnerability description

The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information o the target system.

The weakness exists due to improper security restrictions. A remote attacker can use the Bleichenbacher attack to monitor Transport Layer Security (TLS) ciphertext data from the targeted client to the affected server and gain access to potentially sensitive information.

Remediation

Cybersecurity is currently unaware of any solutions addressing the vulnerability.

ID:67 - Exploit for Information disclosure in Cavium products - CVE-2017-17428

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human