Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-17428

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-05 Mar, 2018 | 18:00
Updated At-05 Aug, 2024 | 20:51
Rejected At-
Credits

Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:05 Mar, 2018 | 18:00
Updated At:05 Aug, 2024 | 20:51
Rejected At:
▼CVE Numbering Authority (CNA)

Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/102170
vdb-entry
x_refsource_BID
https://www.cavium.com/security-advisory-cve-2017-17428.html
x_refsource_CONFIRM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
vendor-advisory
x_refsource_CISCO
http://www.securitytracker.com/id/1039984
vdb-entry
x_refsource_SECTRACK
https://www.kb.cert.org/vuls/id/144389
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.securityfocus.com/bid/102170
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://www.cavium.com/security-advisory-cve-2017-17428.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: http://www.securitytracker.com/id/1039984
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://www.kb.cert.org/vuls/id/144389
Resource:
third-party-advisory
x_refsource_CERT-VN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securityfocus.com/bid/102170
vdb-entry
x_refsource_BID
x_transferred
https://www.cavium.com/security-advisory-cve-2017-17428.html
x_refsource_CONFIRM
x_transferred
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
vendor-advisory
x_refsource_CISCO
x_transferred
http://www.securitytracker.com/id/1039984
vdb-entry
x_refsource_SECTRACK
x_transferred
https://www.kb.cert.org/vuls/id/144389
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.securityfocus.com/bid/102170
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://www.cavium.com/security-advisory-cve-2017-17428.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://www.securitytracker.com/id/1039984
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://www.kb.cert.org/vuls/id/144389
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:05 Mar, 2018 | 18:29
Updated At:03 Oct, 2019 | 00:03

Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.9MEDIUM
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary2.07.1HIGH
AV:N/AC:M/Au:N/C:C/I:N/A:N
Type: Primary
Version: 3.0
Base score: 5.9
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 7.1
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:N/A:N
CPE Matches
cavium
cavium
>>nitrox_ssl_sdk>>Versions up to 6.1.0(inclusive)
cpe:2.3:a:cavium:nitrox_ssl_sdk:*:*:*:*:*:*:*:*
cavium
cavium
>>nitrox_v_ssl_sdk>>Versions up to 1.2(inclusive)
cpe:2.3:a:cavium:nitrox_v_ssl_sdk:*:*:*:*:*:*:*:*
cavium
cavium
>>octeon_sdk>>Versions up to 1.7.2(inclusive)
cpe:2.3:a:cavium:octeon_sdk:*:*:*:*:*:*:*:*
cavium
cavium
>>octeon_ssl_sdk>>Versions up to 1.5.0(inclusive)
cpe:2.3:a:cavium:octeon_ssl_sdk:*:*:*:*:*:*:*:*
cavium
cavium
>>turbossl_sdk>>Versions up to 1.0(inclusive)
cpe:2.3:a:cavium:turbossl_sdk:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>webex_conect_im>>7.24.1
cpe:2.3:a:cisco:webex_conect_im:7.24.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>webex_meetings>>t31
cpe:2.3:a:cisco:webex_meetings:t31:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>webex_meetings>>t32
cpe:2.3:a:cisco:webex_meetings:t32:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ace4710_application_control_engine_firmware>>3.0\(0\)a5\(2.0\)
cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(2.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ace4710_application_control_engine_firmware>>3.0\(0\)a5\(3.0\)
cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(3.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ace4710_application_control_engine_firmware>>3.0\(0\)a5\(3.5\)
cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(3.5\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ace_4710_application_control_engine>>-
cpe:2.3:h:cisco:ace_4710_application_control_engine:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ace30_application_control_engine_module_firmware>>3.0\(0\)a5\(2.0\)
cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(2.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ace30_application_control_engine_module_firmware>>3.0\(0\)a5\(3.0\)
cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(3.0\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ace30_application_control_engine_module_firmware>>3.0\(0\)a5\(3.5\)
cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(3.5\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ace30_application_control_engine_module>>-
cpe:2.3:h:cisco:ace30_application_control_engine_module:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5520_firmware>>9.1\(7.16\)
cpe:2.3:o:cisco:adaptive_security_appliance_5520_firmware:9.1\(7.16\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5520>>-
cpe:2.3:h:cisco:adaptive_security_appliance_5520:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5540_firmware>>9.1\(7.16\)
cpe:2.3:o:cisco:adaptive_security_appliance_5540_firmware:9.1\(7.16\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5540>>-
cpe:2.3:h:cisco:adaptive_security_appliance_5540:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5550_firmware>>9.1\(7.16\)
cpe:2.3:o:cisco:adaptive_security_appliance_5550_firmware:9.1\(7.16\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5550>>-
cpe:2.3:h:cisco:adaptive_security_appliance_5550:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5510_firmware>>9.1\(7.16\)
cpe:2.3:o:cisco:adaptive_security_appliance_5510_firmware:9.1\(7.16\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5510>>-
cpe:2.3:h:cisco:adaptive_security_appliance_5510:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5505_firmware>>9.1\(7.16\)
cpe:2.3:o:cisco:adaptive_security_appliance_5505_firmware:9.1\(7.16\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>adaptive_security_appliance_5505>>-
cpe:2.3:h:cisco:adaptive_security_appliance_5505:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-327Primarynvd@nist.gov
CWE ID: CWE-327
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/102170cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039984cve@mitre.org
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbachercve@mitre.org
Third Party Advisory
https://www.cavium.com/security-advisory-cve-2017-17428.htmlcve@mitre.org
Vendor Advisory
https://www.kb.cert.org/vuls/id/144389cve@mitre.org
Third Party Advisory
US Government Resource
Hyperlink: http://www.securityfocus.com/bid/102170
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1039984
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.cavium.com/security-advisory-cve-2017-17428.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://www.kb.cert.org/vuls/id/144389
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

86Records found
CVE-2019-1828
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.07% / 22.93%
||
7 Day CHG~0.00%
Published-04 Apr, 2019 | 15:30
Updated-21 Nov, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV320 and RV325 Routers Weak Credential Encryption Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption algorithms for user credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack and decrypting intercepted credentials. A successful exploit could allow the attacker to gain access to an affected device with administrator privileges. This vulnerability affects Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers running firmware releases prior to 1.4.2.22.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv325rv325_firmwarerv320rv320_firmwareCisco Small Business RV Series Router Firmware
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2010-2982
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.1||HIGH
EPSS-0.36% / 57.69%
||
7 Day CHG~0.00%
Published-09 Aug, 2010 | 19:23
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-unified_wireless_network_solution_softwaren/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2010-0568
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.43% / 61.77%
||
7 Day CHG~0.00%
Published-19 Feb, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-pix_500asa_5500n/a
CVE-2009-2863
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.41% / 60.24%
||
7 Day CHG~0.00%
Published-28 Sep, 2009 | 18:20
Updated-07 Aug, 2024 | 06:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-287
Improper Authentication
CVE-2017-12228
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.29% / 51.65%
||
7 Day CHG~0.00%
Published-28 Sep, 2017 | 07:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software. Cisco Bug IDs: CSCvc33171.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosios_xeCisco IOS and IOS XE
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-295
Improper Certificate Validation
CVE-2017-12373
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-61.96% / 98.28%
||
7 Day CHG~0.00%
Published-15 Dec, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_5550_firmwareadaptive_security_appliance_5505_firmwareadaptive_security_appliance_5550adaptive_security_appliance_5540_firmwareadaptive_security_appliance_5520adaptive_security_appliance_5510_firmwareadaptive_security_appliance_5505adaptive_security_appliance_5520_firmwareadaptive_security_appliance_5510adaptive_security_appliance_5540Cisco legacy ASA 5500 products TLS protocol implementation
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-203
Observable Discrepancy
CVE-2008-2736
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.65% / 69.87%
||
7 Day CHG~0.00%
Published-04 Sep, 2008 | 16:00
Updated-07 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-adaptive_security_appliance_5500n/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-6409
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.26% / 48.94%
||
7 Day CHG~0.00%
Published-26 Dec, 2015 | 22:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STARTTLS downgrade attacks and trigger cleartext XMPP sessions via unspecified vectors, aka Bug ID CSCuw87419.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-jabbern/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2015-6358
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-1.97% / 82.77%
||
7 Day CHG~0.00%
Published-12 Oct, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-wap200wap200_firmwarespa400rv325rv120w_firmwarewap4410nwap4410n_firmwaresrw224p_firmwarerv180rv180w_firmwarewet200rv320_firmwarerv220wsrp520_firmwarerv320rv120wwap2000wrv210_firmwarewrv200rtp300wet200_firmwarerv315w_firmwarerv180wsrp520wrp500rtp300_firmwarewrv210wrvs4400nwap4400nsrp520-u_firmwarespa400_firmwarervs4000_firmwarepvc2300_firmwarerv315wrv325_firmwarewvc2300rv180_firmwaresrw224psrp520-uwrvs4400n_firmwarewrp500_firmwarervs4000rv220w_firmwarewvc2300_firmwarewap2000_firmwarepvc2300wap4400n_firmwarewrv200_firmwaren/a
CWE ID-CWE-295
Improper Certificate Validation
CVE-2017-16007
Matching Score-8
Assigner-HackerOne
ShareView Details
Matching Score-8
Assigner-HackerOne
CVSS Score-5.9||MEDIUM
EPSS-0.26% / 49.31%
||
7 Day CHG~0.00%
Published-04 Jun, 2018 | 19:00
Updated-16 Sep, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used.

Action-Not Available
Vendor-HackerOneCisco Systems, Inc.
Product-node-josenode-jose node module
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-3150
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.34% / 55.79%
||
7 Day CHG~0.00%
Published-16 Jul, 2020 | 17:20
Updated-15 Nov, 2024 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV110W and RV215W Series Routers Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV110W and RV215W Series Routers could allow an unauthenticated, remote attacker to download sensitive information from the device, which could include the device configuration. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing a specific URI on the web-based management interface of the router, but only after any valid user has opened a specific file on the device since the last reboot. A successful exploit would allow the attacker to view sensitive information, which should be restricted.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv215w_firmwarerv110w_firmwarerv215wrv110wCisco RV110W Wireless-N VPN Firewall Firmware
CWE ID-CWE-285
Improper Authorization
CWE ID-CWE-863
Incorrect Authorization
CVE-2019-1948
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.15%
||
7 Day CHG~0.00%
Published-21 Aug, 2019 | 18:30
Updated-21 Nov, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Webex Meetings Mobile (iOS) SSL Certificate Validation Vulnerability

A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data by using an invalid Secure Sockets Layer (SSL) certificate. The vulnerability is due to insufficient SSL certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted SSL certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-webex_meetingsCisco WebEx Meetings for iOS
CWE ID-CWE-295
Improper Certificate Validation
CVE-2011-4667
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.15% / 36.31%
||
7 Day CHG~0.00%
Published-25 Sep, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The encryption library in Cisco IOS Software 15.2(1)T, 15.2(1)T1, and 15.2(2)T, Cisco NX-OS in Cisco MDS 9222i Multiservice Modular Switch, Cisco MDS 9000 18/4-Port Multiservice Module, and Cisco MDS 9000 Storage Services Node module before 5.2(6), and Cisco IOS in Cisco VPN Services Port Adaptor for Catalyst 6500 12.2(33)SXI, and 12.2(33)SXJ when IP Security (aka IPSec) is used, allows remote attackers to obtain unencrypted packets from encrypted sessions.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosnx-osn/a
CVE-2018-0131
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.41% / 60.40%
||
7 Day CHG~0.00%
Published-14 Aug, 2018 | 17:00
Updated-26 Nov, 2024 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. The vulnerability exists because the affected software responds incorrectly to decryption failures. An attacker could exploit this vulnerability sending crafted ciphertexts to a device configured with IKEv1 that uses RSA-encrypted nonces. A successful exploit could allow the attacker to obtain the encrypted nonces. Cisco Bug IDs: CSCve77140.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosIOS and IOS XE
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2017-9487
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.32% / 54.02%
||
7 Day CHG~0.00%
Published-31 Jul, 2017 | 03:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) and DPC3941T (firmware version DPC3941_2.5s3_PROD_sey) devices allows remote attackers to discover a WAN IPv6 IP address by leveraging knowledge of the CM MAC address.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-dpc3939_firmwaredpc3941tdpc3939dpc3941t_firmwaren/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2020-24588
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-3.5||LOW
EPSS-0.34% / 56.27%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 00:00
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.

Action-Not Available
Vendor-ieeen/aIntel CorporationMicrosoft CorporationDebian GNU/LinuxLinux Kernel Organization, IncCisco Systems, Inc.Arista Networks, Inc.Siemens AG
Product-catalyst_9117_ap_firmwarewebex_room_kit_firmwareip_phone_8861ac_9560_firmwareir829gw-lte-ga-zk9_firmwareac_8265_firmware1100-8pscalance_w786-2_firmwarewindows_10ir829gw-lte-ga-ck9c-100_firmwarecatalyst_9115axe_firmware1109-2p_firmwareproset_ac_9560_firmwaremeraki_z3webex_room_70_single_g2catalyst_9120_ap_firmwareo-90_firmwareaironet_1810_firmwareac_9560killer_wi-fi_6_ax1650_firmwareproset_wireless_7265_\(rev_d\)meraki_gr60_firmware1101-4p_firmwareir829gw-lte-vz-ak9catalyst_9124axicatalyst_9115axicatalyst_9117aximeraki_mr70c-110proset_wi-fi_6_ax201_firmwaremeraki_mr55webex_dx70_firmwaremeraki_mr33_firmwarescalance_w748-1_firmwaremeraki_mx68cw_firmwarewebex_board_85s_firmwarec-110_firmwaremeraki_mr34_firmwaremeraki_mr52ir829-2lte-ea-bk9scalance_w1750dwebex_room_70_dual_firmwareaironet_1810w_firmwareir829gw-lte-ga-sk9_firmwarescalance_w774-1meraki_mx65w_firmwarescalance_w1788-1webex_room_55_dualcatalyst_9120axp_firmwareaironet_1815_firmwarescalance_w786-1meraki_mr42proset_ac_9560c-235c-230c-200_firmwaremeraki_mr86meraki_mr36_firmwarecatalyst_9120axe_firmwareproset_ac_9260_firmwaremeraki_mr32_firmwarec-230_firmwareir829gw-lte-ga-ck9_firmwarewi-fi_6_ax200_firmwaremeraki_mr42_firmwareproset_ac_9462_firmwarewebex_room_kit_mini_firmwaremeraki_mr46eproset_wireless_7265_\(rev_d\)_firmwareaironet_1532killer_wi-fi_6e_ax1675ir829gw-lte-vz-ak9_firmwarecatalyst_9117axi_firmwarewebex_room_70_dual_g2_firmwareir829-2lte-ea-ak9_firmwareproset_wi-fi_6e_ax210_firmwaremeraki_gr10_firmwareaironet_1542i_firmwarescalance_w761-1webex_room_kitmeraki_mr32scalance_w722-1_firmwareaironet_1852meraki_mx68wscalance_wam766-1_6ghz_firmwarecatalyst_9105axiscalance_wam763-1_firmwarescalance_w734-1_firmwarec-235_firmware1109-4pip_phone_8861_firmwaremeraki_mr33webex_board_70swebex_room_kit_miniaironet_1800i_firmwaremeraki_mr76meraki_mr53e_firmwareaironet_18421100-8p_firmwareproset_ac_3165scalance_w788-1_firmwaremeraki_mr46e_firmwaremeraki_mx68w_firmwarekiller_wi-fi_6e_ax1675_firmwaremeraki_mr46_firmwarewebex_dx80scalance_w1788-2_firmwarecatalyst_9130_approset_ac_9462meraki_mr12_firmwareaironet_1542iaironet_1842_firmwaremeraki_mr84webex_room_55_firmwaremeraki_mx67cwir829gw-lte-ga-zk9ip_phone_8821_firmwarecatalyst_9120axpac_8260_firmwarec-250webex_board_55_firmware1100_firmwarescalance_wum763-1_firmwarescalance_w1748-1w-118meraki_mr20_firmwarec-100scalance_w734-1ip_phone_6861scalance_w774-1_firmwarescalance_wum763-1proset_ac_9260catalyst_9105_firmwaremeraki_mx68cwproset_ac_8260catalyst_9120axi_firmwarewebex_room_55_dual_firmwarescalance_w721-1_firmwaremeraki_mr52_firmwarecatalyst_9115_approset_wi-fi_6e_ax210scalance_w1788-2ia_firmwarescalance_wum766-1_6ghzscalance_w721-1meraki_mr46meraki_mr56catalyst_9130_ap_firmwarecatalyst_9130_firmwarescalance_w748-11109-2pwebex_room_55catalyst_9120axemeraki_mr42e_firmwarekiller_wi-fi_6_ax1650meraki_mr55_firmwarekiller_ac_1550_firmwareir829-2lte-ea-ek9catalyst_9115axi_firmwareir829-2lte-ea-ek9_firmwarescalance_w786-2ia_firmwarew-118_firmwareproset_ac_8260_firmwareaironet_1815i_firmwarecatalyst_9117meraki_mr72webex_room_70c-65_firmwarecatalyst_9130axiwindows_rt_8.1webex_dx80_firmwarescalance_w778-1_firmwarescalance_w788-2_firmwarec-120_firmwarecatalyst_9115_firmwareproset_ac_9461_firmwarec-75meraki_mr74_firmwaremeraki_mx67w_firmwaremeraki_gr10aironet_1810windows_server_2019meraki_mx67wmeraki_mr84_firmwaremeraki_mr53ip_phone_8832scalance_w761-1_firmware1100-4p_firmwareaironet_iw3702_firmwarecatalyst_9105axwaironet_1832_firmwarescalance_wum766-1scalance_w1750d_firmwarescalance_wam766-1_6ghzproset_ac_8265catalyst_9130axe_firmwarewebex_dx70c-130_firmwarec-120meraki_mr70_firmwarecatalyst_9105axi_firmwaremeraki_z3cac_9260_firmwarew-68aironet_1832aironet_1815icatalyst_9120_apmeraki_mr26_firmwareip_phone_8865_firmwareip_phone_8865meraki_mr53_firmwareip_phone_8832_firmwaremeraki_mr76_firmwaremeraki_mr34debian_linuxip_phone_6861_firmwarescalance_w1788-2iaaironet_1800imeraki_mr20windows_server_2008scalance_w786-2o-105ir829gw-lte-na-ak9_firmwaremeraki_mr44meraki_mr12meraki_mr66_firmwarecatalyst_9130axi_firmwarescalance_wum766-1_firmwarewi-fi_6_ax200meraki_mr45_firmwarescalance_w778-1webex_room_70_single_firmwarescalance_w1788-1_firmwarescalance_w738-1_firmwaremeraki_z3c_firmwareproset_ac_8265_firmware1101-4paironet_ap803_firmwareir829gw-lte-ga-ek9aironet_1800c-65catalyst_9124_firmware1100-4pmeraki_mr62_firmwarescalance_w1748-1_firmwarecatalyst_9130c-75_firmwareieee_802.11scalance_wum766-1_6ghz_firmwarecatalyst_9115_ap_firmwareo-105_firmwarescalance_w786-2iameraki_mr45catalyst_9120axiscalance_wam763-1ir829gw-lte-na-ak9catalyst_9115axewebex_room_70_firmwareproset_ac_3165_firmwaremeraki_mx65wc-260_firmwarewi-fi_6_ax201windows_7webex_board_55scatalyst_9124axd_firmwarescalance_wam766-1_firmwarec-130meraki_mr53eaironet_1542d_firmwarecatalyst_9105scalance_w738-1scalance_w1788-2proset_ac_3168c-2001109-4p_firmwarewi-fi_6_ax201_firmwarewindows_8.1webex_board_70aironet_1810waironet_iw3702scalance_w722-1ir829-2lte-ea-bk9_firmwarecatalyst_9130axemeraki_z3_firmwarecatalyst_9105axw_firmwarecatalyst_9117_firmwarec-250_firmwarewebex_room_70_single_g2_firmwarewebex_board_55scalance_w786-1_firmwareaironet_1815webex_board_85sc-260webex_room_70_dualaironet_1852_firmwareac_8265proset_ac_3168_firmwarecatalyst_9124axi_firmwareo-90webex_room_70_dual_g2meraki_mr72_firmwarecatalyst_9120_firmwareaironet_ap803meraki_gr60linux_kernelscalance_w788-1catalyst_9117_apmeraki_mr62aironet_1800_firmwaremeraki_mr42ekiller_ac_1550meraki_mr30hwindows_server_2016meraki_mx64w_firmwarewindows_server_2012webex_room_70_singlewebex_board_70_firmwarecatalyst_9124meraki_mr56_firmwaremeraki_mx64ww-68_firmwaremeraki_mr26webex_board_55s_firmwaremeraki_mr86_firmware1100meraki_mx67cw_firmwareac_8260scalance_wam766-1meraki_mr44_firmwareproset_wi-fi_6_ax201scalance_w788-2proset_wi-fi_6_ax200ir829-2lte-ea-ak9ip_phone_8821catalyst_9115ir829gw-lte-ga-sk9mac80211aironet_1542dcatalyst_9120meraki_mr36meraki_mr66catalyst_9124axdproset_wi-fi_6_ax200_firmwaremeraki_mr74ac_9260webex_board_70s_firmwaremeraki_mr30h_firmwareproset_ac_9461ir829gw-lte-ga-ek9_firmwareaironet_1532_firmwaren/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-26140
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.43% / 61.57%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 19:34
Updated-04 Aug, 2024 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.

Action-Not Available
Vendor-alfan/aIntel CorporationArista Networks, Inc.Siemens AGCisco Systems, Inc.
Product-catalyst_9117_ap_firmwarewebex_room_kit_firmwareip_phone_8861ac_9560_firmwareir829gw-lte-ga-zk9_firmwareac_8265_firmware1100-8pscalance_w786-2_firmwareir829gw-lte-ga-ck9c-100_firmwarecatalyst_9115axe_firmware1109-2p_firmwareproset_ac_9560_firmwaremeraki_z3webex_room_70_single_g2catalyst_9120_ap_firmwareaironet_1562eo-90_firmwareaironet_1810_firmwareac_9560killer_wi-fi_6_ax1650_firmwareaironet_2800i_firmwaremeraki_gr60_firmwareproset_wireless_7265_\(rev_d\)aironet_17021101-4p_firmwareir829gw-lte-vz-ak9aironet_3800p_firmwarecatalyst_9124axicatalyst_9115axiaironet_2702aironet_4800catalyst_9117aximeraki_mr70c-110aironet_3800proset_wi-fi_6_ax201_firmwaremeraki_mr55catalyst_iw6300_firmwarewebex_dx70_firmwaremeraki_mr33_firmwarescalance_w748-1_firmwaremeraki_mx68cw_firmwarewebex_board_85s_firmwarec-110_firmwaremeraki_mr34_firmwaremeraki_mr52aironet_1562d_firmwareir829-2lte-ea-bk9scalance_w1750daironet_3800iwebex_room_70_dual_firmwareaironet_1810w_firmwareir829gw-lte-ga-sk9_firmwarescalance_w774-1aironet_1552hmeraki_mx65w_firmwarescalance_w1788-1webex_room_55_dualcatalyst_9120axp_firmwareaironet_1815_firmwarescalance_w786-1meraki_mr42proset_ac_9560c-235c-230c-200_firmwaremeraki_mr86meraki_mr36_firmwarecatalyst_9120axe_firmwareproset_ac_9260_firmwaremeraki_mr32_firmwarec-230_firmwareir829gw-lte-ga-ck9_firmwarewi-fi_6_ax200_firmwareaironet_3800e_firmwaremeraki_mr42_firmwareproset_ac_9462_firmwarewebex_room_kit_mini_firmwaremeraki_mr46eproset_wireless_7265_\(rev_d\)_firmwareaironet_1532killer_wi-fi_6e_ax1675ir829gw-lte-vz-ak9_firmwarecatalyst_9117axi_firmwarewebex_room_70_dual_g2_firmwareir829-2lte-ea-ak9_firmwareproset_wi-fi_6e_ax210_firmwaremeraki_gr10_firmwareaironet_1542i_firmwarescalance_w761-1aironet_1572webex_room_kitmeraki_mr32scalance_w722-1_firmwareaironet_1852meraki_mx68wesw-6300-con-x-k9catalyst_iw6300_dcw_firmwarescalance_wam766-1_6ghz_firmwarecatalyst_9105axiaironet_2800e_firmwarescalance_wam763-1_firmwarescalance_w734-1_firmwareaironet_1552c-235_firmware1109-4pip_phone_8861_firmwaremeraki_mr33webex_board_70saironet_3800_firmwareawus036h_firmwareaironet_3702webex_room_kit_miniaironet_1800i_firmwarecatalyst_iw6300_dcwesw-6300-con-x-k9_firmwaremeraki_mr76catalyst_iw6300_acmeraki_mr53e_firmwareaironet_18421100-8p_firmwareproset_ac_3165scalance_w788-1_firmwarecatalyst_iw6300_ac_firmwaremeraki_mr46e_firmwaremeraki_mx68w_firmwarekiller_wi-fi_6e_ax1675_firmwaremeraki_mr46_firmwarewebex_dx80scalance_w1788-2_firmwarecatalyst_9130_approset_ac_9462meraki_mr12_firmwareaironet_1542iaironet_1842_firmwareaironet_3800pwebex_room_55_firmwaremeraki_mr84meraki_mx67cwir829gw-lte-ga-zk9ip_phone_8821_firmwarecatalyst_9120axpaironet_2800_firmwareac_8260_firmwarec-250webex_board_55_firmware1100_firmwarescalance_wum763-1_firmwarescalance_w1748-1w-118meraki_mr20_firmwarec-100scalance_w734-1ip_phone_6861scalance_w774-1_firmwarescalance_wum763-1proset_ac_9260catalyst_9105_firmwaremeraki_mx68cwproset_ac_8260catalyst_9120axi_firmwarewebex_room_55_dual_firmwarescalance_w721-1_firmwaremeraki_mr52_firmwarecatalyst_9115_approset_wi-fi_6e_ax210scalance_w1788-2ia_firmwarescalance_wum766-1_6ghzscalance_w721-1meraki_mr46meraki_mr56catalyst_9130_ap_firmwarecatalyst_9130_firmwarescalance_w748-11109-2pwebex_room_55catalyst_9120axemeraki_mr42e_firmwarekiller_wi-fi_6_ax1650meraki_mr55_firmwarekiller_ac_1550_firmwareir829-2lte-ea-ek9catalyst_9115axi_firmwareir829-2lte-ea-ek9_firmwarescalance_w786-2ia_firmwarew-118_firmwareproset_ac_8260_firmwareaironet_1815i_firmwarecatalyst_9117aironet_1572_firmwaremeraki_mr72webex_room_70c-65_firmwarecatalyst_9130axiaironet_2800webex_dx80_firmwarescalance_w778-1_firmwarescalance_w788-2_firmwarec-120_firmwareawus036hcatalyst_9115_firmwareproset_ac_9461_firmwareaironet_1562e_firmwarec-75meraki_mr74_firmwaremeraki_mx67w_firmwaremeraki_gr10aironet_1810aironet_1562imeraki_mx67wmeraki_mr84_firmwaremeraki_mr53ip_phone_8832scalance_w761-1_firmware1100-4p_firmwareaironet_iw3702_firmwarecatalyst_9105axwesw6300aironet_1832_firmwareaironet_3702_firmwarescalance_wum766-1scalance_w1750d_firmwarescalance_wam766-1_6ghzproset_ac_8265aironet_1552_firmwarecatalyst_9130axe_firmwarewebex_dx70c-130_firmwarec-120meraki_mr70_firmwareaironet_2800icatalyst_9105axi_firmwaremeraki_z3ccatalyst_iw6300_dc_firmwareac_9260_firmwarew-68aironet_1832aironet_1815icatalyst_9120_apmeraki_mr26_firmwareip_phone_8865_firmwareaironet_4800_firmwareip_phone_8865meraki_mr53_firmwareip_phone_8832_firmwaremeraki_mr76_firmwaremeraki_mr34ip_phone_6861_firmwareaironet_1562i_firmwarescalance_w1788-2iaaironet_1800imeraki_mr20scalance_w786-2o-105aironet_1560ir829gw-lte-na-ak9_firmwaremeraki_mr44meraki_mr12meraki_mr66_firmwarecatalyst_9130axi_firmwarescalance_wum766-1_firmwarewi-fi_6_ax200meraki_mr45_firmwarescalance_w778-1webex_room_70_single_firmwarescalance_w1788-1_firmwarescalance_w738-1_firmwaremeraki_z3c_firmwareproset_ac_8265_firmware1101-4paironet_ap803_firmwareir829gw-lte-ga-ek9aironet_1800c-65catalyst_9124_firmware1100-4pmeraki_mr62_firmwarescalance_w1748-1_firmwareesw6300_firmwarecatalyst_9130c-75_firmwareaironet_1562dscalance_wum766-1_6ghz_firmwarecatalyst_9115_ap_firmwareo-105_firmwarescalance_w786-2iameraki_mr45catalyst_9120axiscalance_wam763-1ir829gw-lte-na-ak9catalyst_9115axewebex_room_70_firmwareproset_ac_3165_firmwaremeraki_mx65wc-260_firmwarewi-fi_6_ax201catalyst_9124axd_firmwarewebex_board_55sscalance_wam766-1_firmwarec-130meraki_mr53eaironet_1542d_firmwarecatalyst_9105scalance_w738-1scalance_w1788-2proset_ac_3168c-2001109-4p_firmwarecatalyst_iw6300wi-fi_6_ax201_firmwarewebex_board_70aironet_1810waironet_iw3702scalance_w722-1ir829-2lte-ea-bk9_firmwarecatalyst_9130axemeraki_z3_firmwarecatalyst_9105axw_firmwarecatalyst_9117_firmwarec-250_firmwarewebex_room_70_single_g2_firmwarewebex_board_55aironet_1560_firmwarescalance_w786-1_firmwarecatalyst_iw6300_dcaironet_1815webex_board_85sc-260webex_room_70_dualaironet_1852_firmwareac_8265proset_ac_3168_firmwarecatalyst_9124axi_firmwareo-90webex_room_70_dual_g2meraki_mr72_firmwarecatalyst_9120_firmwareaironet_ap803meraki_gr60aironet_2702_firmwarescalance_w788-1catalyst_9117_apmeraki_mr62aironet_2800eaironet_1800_firmwaremeraki_mr42ekiller_ac_1550aironet_1702_firmwaremeraki_mr30hmeraki_mx64w_firmwarewebex_room_70_singlecatalyst_9124webex_board_70_firmwaremeraki_mx64wmeraki_mr56_firmwarew-68_firmwaremeraki_mr26aironet_3800ewebex_board_55s_firmwaremeraki_mr86_firmware1100meraki_mx67cw_firmwareaironet_3800i_firmwareac_8260scalance_wam766-1meraki_mr44_firmwareproset_wi-fi_6_ax201scalance_w788-2proset_wi-fi_6_ax200ir829-2lte-ea-ak9ip_phone_8821catalyst_9115ir829gw-lte-ga-sk9aironet_1542dcatalyst_9120meraki_mr36meraki_mr66catalyst_9124axdaironet_1552h_firmwareproset_wi-fi_6_ax200_firmwaremeraki_mr74ac_9260webex_board_70s_firmwaremeraki_mr30h_firmwareproset_ac_9461ir829gw-lte-ga-ek9_firmwareaironet_1532_firmwaren/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2023-37464
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-8.6||HIGH
EPSS-0.25% / 48.38%
||
7 Day CHG~0.00%
Published-14 Jul, 2023 | 20:25
Updated-13 Feb, 2025 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Authentication Tag length usage in AES GCM decryption in OpenIDC/cjose

OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE). The AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. The spec says that a fixed length of 16 octets must be applied. Therefore this bug allows an attacker to provide a truncated Authentication Tag and to modify the JWE accordingly. Users should upgrade to a version >= 0.6.2.2. Users unable to upgrade should avoid using AES GCM encryption and replace it with another encryption algorithm (e.g. AES CBC).

Action-Not Available
Vendor-OpenIDCCisco Systems, Inc.
Product-cjosecjosecjose
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-1706
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.54% / 66.73%
||
7 Day CHG~0.00%
Published-03 May, 2019 | 16:10
Updated-19 Nov, 2024 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software IPsec Denial of Service Vulnerability

A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error with how the software cryptography module handles IPsec sessions. An attacker could exploit this vulnerability by creating and sending traffic in a high number of IPsec sessions through the targeted device. A successful exploit could cause the device to reload and result in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa-5545-xasa-5506-xasa-5516-xasa-5506h-xasa-5506w-xadaptive_security_appliance_softwareasa-5508-xasa-5525-xasa-5555-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-404
Improper Resource Shutdown or Release
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-12621
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.08% / 23.28%
||
7 Day CHG~0.00%
Published-21 Aug, 2019 | 18:00
Updated-20 Nov, 2024 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco HyperFlex Static SSL Key Vulnerability

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to perform a man-in-the-middle attack. The vulnerability is due to insufficient key management. An attacker could exploit this vulnerability by obtaining a specific encryption key for the cluster. A successful exploit could allow the attacker to perform a man-in-the-middle attack against other nodes in the cluster.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-hyperflex_hx240c_af_m5hyperflex_hx240c_m5hyperflex_hx220c_m5hyperflex_hx240c_m5_firmwarehyperflex_hx220c_edge_m5hyperflex_hx220c_m5_firmwarehyperflex_hx220c_af_m5_firmwarehyperflex_hx240c_af_m5_firmwarehyperflex_hx220c_edge_m5_firmwarehyperflex_hx220c_af_m5Cisco HyperFlex HX-Series
CWE ID-CWE-320
Not Available
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2022-20805
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.1||MEDIUM
EPSS-0.03% / 8.20%
||
7 Day CHG~0.00%
Published-21 Apr, 2022 | 18:51
Updated-06 Nov, 2024 | 16:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Umbrella Secure Web Gateway File Decryption Bypass Vulnerability

A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to how the decryption function uses the TLS Sever Name Indication (SNI) extension of an HTTP request to discover the destination domain and determine if the request needs to be decrypted. An attacker could exploit this vulnerability by sending a crafted request over TLS from a client to an unknown or controlled URL. A successful exploit could allow an attacker to bypass the decryption process of Cisco Umbrella SWG and allow malicious content to be downloaded to a host on a protected network. There are workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-umbrella_secure_web_gatewayCisco Umbrella Insights Virtual Appliance
CWE ID-CWE-693
Protection Mechanism Failure
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-24587
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.6||LOW
EPSS-0.34% / 56.30%
||
7 Day CHG~0.00%
Published-11 May, 2021 | 00:00
Updated-04 Aug, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.

Action-Not Available
Vendor-ieeen/aIntel CorporationDebian GNU/LinuxLinux Kernel Organization, IncCisco Systems, Inc.Arista Networks, Inc.
Product-catalyst_9117_ap_firmwarewebex_room_kit_firmwareip_phone_8861ac_9560_firmwareir829gw-lte-ga-zk9_firmwareac_8265_firmware1100-8pir829gw-lte-ga-ck9c-100_firmwarecatalyst_9115axe_firmware1109-2p_firmwareproset_ac_9560_firmwaremeraki_z3webex_room_70_single_g2catalyst_9120_ap_firmwareo-90_firmwareaironet_1810_firmwareac_9560killer_wi-fi_6_ax1650_firmwareaironet_2800i_firmwaremeraki_gr60_firmwareproset_wireless_7265_\(rev_d\)aironet_17021101-4p_firmwareir829gw-lte-vz-ak9aironet_3800p_firmwarecatalyst_9124axicatalyst_9115axiaironet_2702aironet_4800catalyst_9117aximeraki_mr70c-110aironet_3800proset_wi-fi_6_ax201_firmwaremeraki_mr55catalyst_iw6300_firmwarewebex_dx70_firmwaremeraki_mr33_firmwaremeraki_mx68cw_firmwarewebex_board_85s_firmwarec-110_firmwaremeraki_mr34_firmwaremeraki_mr52ir829-2lte-ea-bk9aironet_3800iwebex_room_70_dual_firmwareaironet_1810w_firmwareir829gw-lte-ga-sk9_firmwareaironet_1552hmeraki_mx65w_firmwarewebex_room_55_dualcatalyst_9120axp_firmwareaironet_1815_firmwaremeraki_mr42proset_ac_9560c-235c-200_firmwarec-230meraki_mr86meraki_mr36_firmwarecatalyst_9120axe_firmwareproset_ac_9260_firmwaremeraki_mr32_firmwarec-230_firmwareir829gw-lte-ga-ck9_firmwarewi-fi_6_ax200_firmwareaironet_3800e_firmwaremeraki_mr42_firmwareproset_ac_9462_firmwarewebex_room_kit_mini_firmwaremeraki_mr46eproset_wireless_7265_\(rev_d\)_firmwareaironet_1532killer_wi-fi_6e_ax1675ir829gw-lte-vz-ak9_firmwarecatalyst_9117axi_firmwarewebex_room_70_dual_g2_firmwareir829-2lte-ea-ak9_firmwareproset_wi-fi_6e_ax210_firmwaremeraki_gr10_firmwareaironet_1542i_firmwareaironet_1572webex_room_kitmeraki_mr32aironet_1852meraki_mx68wcatalyst_iw6300_dcw_firmwarecatalyst_9105axiaironet_2800e_firmwareaironet_1552c-235_firmware1109-4pip_phone_8861_firmwaremeraki_mr33webex_board_70saironet_3800_firmwareaironet_3702webex_room_kit_miniaironet_1800i_firmwarecatalyst_iw6300_dcwmeraki_mr76catalyst_iw6300_acmeraki_mr53e_firmwareaironet_18421100-8p_firmwareproset_ac_3165catalyst_iw6300_ac_firmwaremeraki_mr46e_firmwaremeraki_mx68w_firmwarekiller_wi-fi_6e_ax1675_firmwaremeraki_mr46_firmwarewebex_dx80catalyst_9130_approset_ac_9462meraki_mr12_firmwareaironet_1542iaironet_1842_firmwareaironet_3800pwebex_room_55_firmwaremeraki_mr84meraki_mx67cwir829gw-lte-ga-zk9ip_phone_8821_firmwarecatalyst_9120axpaironet_2800_firmwareac_8260_firmwarec-250webex_board_55_firmware1100_firmwarew-118meraki_mr20_firmwarec-100ip_phone_6861proset_ac_9260catalyst_9105_firmwaremeraki_mx68cwproset_ac_8260catalyst_9120axi_firmwarewebex_room_55_dual_firmwaremeraki_mr52_firmwarecatalyst_9115_approset_wi-fi_6e_ax210meraki_mr46meraki_mr56catalyst_9130_ap_firmwarecatalyst_9130_firmwarewebex_room_551109-2pcatalyst_9120axemeraki_mr42e_firmwarekiller_wi-fi_6_ax1650meraki_mr55_firmwarekiller_ac_1550_firmwareir829-2lte-ea-ek9catalyst_9115axi_firmwareir829-2lte-ea-ek9_firmwarew-118_firmwareproset_ac_8260_firmwareaironet_1815i_firmwarecatalyst_9117aironet_1572_firmwaremeraki_mr72webex_room_70c-65_firmwarecatalyst_9130axiaironet_2800webex_dx80_firmwarec-120_firmwarecatalyst_9115_firmwareproset_ac_9461_firmwarec-75meraki_mr74_firmwaremeraki_mx67w_firmwaremeraki_gr10aironet_1810meraki_mx67wmeraki_mr84_firmwaremeraki_mr53ip_phone_88321100-4p_firmwareaironet_iw3702_firmwarecatalyst_9105axwesw6300aironet_1832_firmwareaironet_3702_firmwareproset_ac_8265aironet_1552_firmwarecatalyst_9130axe_firmwarewebex_dx70c-130_firmwarec-120meraki_mr70_firmwareaironet_2800icatalyst_9105axi_firmwaremeraki_z3ccatalyst_iw6300_dc_firmwareac_9260_firmwarew-68aironet_1832aironet_1815icatalyst_9120_apmeraki_mr26_firmwareip_phone_8865_firmwareaironet_4800_firmwareip_phone_8865meraki_mr53_firmwareip_phone_8832_firmwaremeraki_mr76_firmwaremeraki_mr34debian_linuxip_phone_6861_firmwareaironet_1800imeraki_mr20o-105ir829gw-lte-na-ak9_firmwaremeraki_mr44meraki_mr12meraki_mr66_firmwarecatalyst_9130axi_firmwarewi-fi_6_ax200meraki_mr45_firmwarewebex_room_70_single_firmwareir829gw-lte-ga-ek9meraki_z3c_firmwareproset_ac_8265_firmwareaironet_18001101-4paironet_ap803_firmwarec-65catalyst_9124_firmware1100-4pmeraki_mr62_firmwareesw6300_firmwarecatalyst_9130c-75_firmwareieee_802.11catalyst_9115_ap_firmwareo-105_firmwaremeraki_mr45catalyst_9120axiir829gw-lte-na-ak9catalyst_9115axewebex_room_70_firmwareproset_ac_3165_firmwaremeraki_mx65wc-260_firmwarewi-fi_6_ax201catalyst_9124axd_firmwarewebex_board_55sc-130meraki_mr53eaironet_1542d_firmwarecatalyst_9105proset_ac_3168c-2001109-4p_firmwarecatalyst_iw6300wi-fi_6_ax201_firmwarewebex_board_70aironet_1810waironet_iw3702ir829-2lte-ea-bk9_firmwarecatalyst_9130axemeraki_z3_firmwarecatalyst_9105axw_firmwarecatalyst_9117_firmwarec-250_firmwarewebex_room_70_single_g2_firmwarewebex_board_55catalyst_iw6300_dcaironet_1815webex_board_85sc-260webex_room_70_dualaironet_1852_firmwareac_8265proset_ac_3168_firmwarecatalyst_9124axi_firmwareo-90webex_room_70_dual_g2meraki_mr72_firmwarecatalyst_9120_firmwareaironet_ap803meraki_gr60linux_kernelaironet_2702_firmwarecatalyst_9117_apmeraki_mr62aironet_2800eaironet_1800_firmwaremeraki_mr42ekiller_ac_1550aironet_1702_firmwaremeraki_mr30hmeraki_mx64w_firmwarewebex_room_70_singlecatalyst_9124webex_board_70_firmwaremeraki_mx64wmeraki_mr56_firmwarew-68_firmwaremeraki_mr26aironet_3800ewebex_board_55s_firmwaremeraki_mr86_firmware1100meraki_mx67cw_firmwareaironet_3800i_firmwareac_8260meraki_mr44_firmwareproset_wi-fi_6_ax201proset_wi-fi_6_ax200ir829-2lte-ea-ak9ip_phone_8821catalyst_9115ir829gw-lte-ga-sk9mac80211aironet_1542dcatalyst_9120meraki_mr36meraki_mr66catalyst_9124axdaironet_1552h_firmwareproset_wi-fi_6_ax200_firmwaremeraki_mr74ac_9260webex_board_70s_firmwaremeraki_mr30h_firmwareproset_ac_9461ir829gw-lte-ga-ek9_firmwareaironet_1532_firmwaren/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2022-22327
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.10% / 27.62%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 16:45
Updated-17 Sep, 2024 | 00:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 218859.

Action-Not Available
Vendor-IBM Corporation
Product-urbancode_deployUrbanCode Deploy
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2017-10668
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.08% / 24.21%
||
7 Day CHG~0.00%
Published-30 Jun, 2017 | 12:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the transport encryption.

Action-Not Available
Vendor-xoevn/a
Product-osci_transport_libraryn/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-39002
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.05% / 16.09%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 17:00
Updated-16 Sep, 2024 | 20:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncNetApp, Inc.Oracle Corporation
Product-solarislinux_kerneldb2hp-uxwindowsaixoncommand_insightDB2 for Linux, UNIX and Windows
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-6485
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.46% / 63.31%
||
7 Day CHG~0.00%
Published-22 Feb, 2019 | 23:00
Updated-04 Aug, 2024 | 20:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 and Application Delivery Controller (ADC) 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14, 11.0 before build 72.17, and 10.5 before build 69.5 allow remote attackers to obtain sensitive plaintext information because of a TLS Padding Oracle Vulnerability when CBC-based cipher suites are enabled.

Action-Not Available
Vendor-n/aCitrix (Cloud Software Group, Inc.)
Product-netscaler_application_delivery_controllernetscaler_application_delivery_controller_firmwarenetscaler_gateway_firmwarenetscaler_gatewayn/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2007-5460
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-1.03% / 76.37%
||
7 Day CHG~0.00%
Published-15 Oct, 2007 | 22:00
Updated-07 Aug, 2024 | 15:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption (XOR obfuscation with a fixed key) when sending the user's PIN/Password over the USB connection from the host to the device, which might make it easier for attackers to decode a PIN/Password obtained by (1) sniffing or (2) spoofing the docking process.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_mobileactivesyncn/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-29704
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.09% / 25.85%
||
7 Day CHG~0.00%
Published-23 Aug, 2021 | 16:05
Updated-16 Sep, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Action-Not Available
Vendor-IBM Corporation
Product-resilient_security_orchestration_automation_and_responseSecurity
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-29750
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-15 Sep, 2021 | 17:55
Updated-16 Sep, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 201778.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-qradar_security_information_and_event_managerlinux_kernelQRadar SIEM
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-29723
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.14% / 35.05%
||
7 Day CHG~0.00%
Published-30 Aug, 2021 | 17:00
Updated-16 Sep, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.

Action-Not Available
Vendor-Microsoft CorporationHP Inc.IBM CorporationLinux Kernel Organization, IncOracle Corporation
Product-sterling_external_authentication_serversolarislinux_kernelsterling_secure_proxyhp-uxlinux_on_ibm_zwindowsaixSterling Secure Proxy
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-29894
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.10% / 27.62%
||
7 Day CHG~0.00%
Published-30 Sep, 2021 | 16:20
Updated-16 Sep, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 207320.

Action-Not Available
Vendor-Red Hat, Inc.IBM Corporation
Product-openshiftcloud_pak_for_securityCloud Pak for Security
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2021-20566
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.09% / 25.85%
||
7 Day CHG~0.00%
Published-16 Jun, 2021 | 16:15
Updated-16 Sep, 2024 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238.

Action-Not Available
Vendor-Red Hat, Inc.IBM Corporation
Product-resilient_security_orchestration_automation_and_responselinuxResilient SOAR
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-4609
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.13% / 33.78%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 16:15
Updated-17 Sep, 2024 | 02:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510.

Action-Not Available
Vendor-IBM Corporation
Product-api_connectAPI Connect
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2017-17167
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.9||MEDIUM
EPSS-0.07% / 22.45%
||
7 Day CHG~0.00%
Published-09 Mar, 2018 | 17:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known techniques to break the algorithm. Successful exploit could result in the exposure of sensitive information.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-viewpoint_9030viewpoint_9030_firmwaretp3206dp300tp3206_firmwaredp300_firmwareDP300; TP3206; ViewPoint 9030
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4596
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 18:10
Updated-17 Sep, 2024 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184812.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, Inc
Product-security_guardium_insightslinux_kernelSecurity Guardium Insights
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4613
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-22 Sep, 2020 | 13:55
Updated-16 Sep, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 184925.

Action-Not Available
Vendor-IBM Corporation
Product-data_risk_managerData Risk Manager
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4349
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-27 May, 2020 | 13:15
Updated-16 Sep, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423.

Action-Not Available
Vendor-IBM Corporation
Product-spectrum_scaleSpectrum Scale
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4965
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.11%
||
7 Day CHG~0.00%
Published-12 Apr, 2021 | 18:00
Updated-16 Sep, 2024 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 192422.

Action-Not Available
Vendor-IBM Corporation
Product-rational_engineering_lifecycle_managerengineering_requirements_management_doors_nextengineering_test_managementrational_quality_managerengineering_insightsrational_team_concertengineering_workflow_managementdoors_nextcollaborative_lifecycle_managementremovable_media_managementengineering_lifecycle_managementrhapsody_model_managerRational Quality ManagerRational DOORS Next GenerationRational Rhapsody Model ManagerEngineering Workflow ManagementRational Collaborative Lifecycle ManagementEngineering Lifecycle OptimizationRational Engineering Lifecycle ManagerEngineering Test ManagementRational Team Concert
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4898
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-07 Jan, 2021 | 17:40
Updated-16 Sep, 2024 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 190989.

Action-Not Available
Vendor-IBM Corporation
Product-emptoris_strategic_supply_managementEmptoris Strategic Supply Management
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4185
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 12:55
Updated-16 Sep, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium 10.5, 10.6, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174803.

Action-Not Available
Vendor-IBM Corporation
Product-security_guardiumSecurity Guardium
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4367
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 13:45
Updated-16 Sep, 2024 | 22:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179001.

Action-Not Available
Vendor-IBM Corporation
Product-planning_analytics_localPlanning Analytics Local
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4831
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-12 Mar, 2021 | 16:40
Updated-17 Sep, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965.

Action-Not Available
Vendor-IBM Corporation
Product-datapower_gatewayDataPower Gateway
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4174
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 12:40
Updated-17 Sep, 2024 | 04:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174683.

Action-Not Available
Vendor-IBM Corporation
Product-security_guardium_insightsSecurity Guardium Insights
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4379
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-27 May, 2020 | 13:15
Updated-16 Sep, 2024 | 22:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158.

Action-Not Available
Vendor-IBM Corporation
Product-spectrum_scaleSpectrum Scale
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4169
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.13% / 33.03%
||
7 Day CHG~0.00%
Published-27 Aug, 2020 | 12:40
Updated-16 Sep, 2024 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174405.

Action-Not Available
Vendor-IBM Corporation
Product-security_guardium_insightsSecurity Guardium Insights
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4254
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-16 Oct, 2020 | 16:40
Updated-17 Sep, 2024 | 04:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 175560.

Action-Not Available
Vendor-IBM Corporation
Product-security_guardium_big_data_intelligenceSecurity Guardium Big Data Intelligence
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2020-4452
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.11% / 30.33%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 13:30
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM API Connect V2018.4.1.0 through 2018.4.1.11 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 181324.

Action-Not Available
Vendor-IBM Corporation
Product-api_connectAPI Connect
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-9155
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.29% / 51.59%
||
7 Day CHG~0.00%
Published-22 Aug, 2019 | 15:48
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key.

Action-Not Available
Vendor-openpgpjsn/a
Product-openpgpjsn/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-4399
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.13% / 33.78%
||
7 Day CHG~0.00%
Published-25 Oct, 2019 | 16:30
Updated-16 Sep, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 162260.

Action-Not Available
Vendor-IBM Corporation
Product-cloud_orchestratorCloud Orchestrator
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-4427
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.08% / 23.98%
||
7 Day CHG~0.00%
Published-12 Feb, 2020 | 16:10
Updated-16 Sep, 2024 | 17:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. An attacker might be able to exploit the weak algorithm to generate a installer with malicious software inside. IBM X-Force ID: 162773.

Action-Not Available
Vendor-Microsoft CorporationIBM Corporation
Product-windowscloud_cliCloud CLI
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
  • Previous
  • 1
  • 2
  • Next
Details not found