Vulnerability Description
Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Radware | Alteon Firmware | >= 31.0.0.0, <= 31.0.3.0 |
| Radware | Alteon | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102199Third Party AdvisoryVDB Entry
- https://robotattack.org/Technical Description
- https://support.radware.com/app/answers/answer_view/a_id/1010361/~/cve-2017-1742MitigationVendor Advisory
- https://www.kb.cert.org/vuls/id/144389Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/102199Third Party AdvisoryVDB Entry
- https://robotattack.org/Technical Description
- https://support.radware.com/app/answers/answer_view/a_id/1010361/~/cve-2017-1742MitigationVendor Advisory
- https://www.kb.cert.org/vuls/id/144389Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-17427?
CVE-2017-17427 is a vulnerability with a CVSS score of 5.9 (MEDIUM). Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed t...
How severe is CVE-2017-17427?
CVE-2017-17427 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-17427?
Check the references section above for vendor advisories and patch information. Affected products include: Radware Alteon Firmware, Radware Alteon.