VAR-201712-0309
Vulnerability from variot - Updated: 2023-12-18 11:23Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as a "ROBOT attack". Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Contains an information disclosure vulnerability.Information may be obtained. Multiple Citrix Products are prone to an information-disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks to obtain sensitive information, and perform unauthorized actions. Successful exploits will lead to other attacks. Security vulnerabilities exist in Citrix NetScaler ADC and NetScaler Gateway. A remote attacker can exploit this vulnerability to decrypt TLS-encrypted data
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 1.9,
"vendor": "citrix",
"version": "12.0"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 1.9,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 1.9,
"vendor": "citrix",
"version": "11.0"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 1.9,
"vendor": "citrix",
"version": "10.5"
},
{
"model": "application delivery controller",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "application delivery controller",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "12.0"
},
{
"model": "application delivery controller",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "10.5"
},
{
"model": "application delivery controller",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "11.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "erlang",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "legion of the bouncy castle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "matrixssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "micro focus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wolfssl",
"version": null
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "11.0 build 71.22"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "10.5 build 67.13"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "10.5"
},
{
"model": "netscaler application delivery controller",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "11.0"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "12.0 build 53.22"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "12.0"
},
{
"model": "netscaler gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "11.0"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "11.1 build 56.19"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "10.5 build 67.13"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "11.0 build 71.22"
},
{
"model": "netscaler application delivery controller",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "12.0"
},
{
"model": "netscaler application delivery controller",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "11.1 build 56.19"
},
{
"model": "netscaler gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "12.0 build 53.22"
},
{
"model": "netscaler application delivery controller",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "10.5"
},
{
"model": "netscaler application delivery controller",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "netscaler adc",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "12.0"
},
{
"model": "netscaler adc",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "11.1"
},
{
"model": "netscaler adc",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "11.0"
},
{
"model": "netscaler adc",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "10.5"
},
{
"model": "netscaler gateway build",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "12.053.22"
},
{
"model": "netscaler gateway build",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "11.156.19"
},
{
"model": "netscaler gateway build",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "11.071.22"
},
{
"model": "netscaler gateway build",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "10.567.13"
},
{
"model": "netscaler adc build",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "12.053.22"
},
{
"model": "netscaler adc build",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "11.156.19"
},
{
"model": "netscaler adc build",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "11.071.22"
},
{
"model": "netscaler adc build",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "10.567.13"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "BID",
"id": "102173"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"db": "NVD",
"id": "CVE-2017-17382"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:application_delivery_controller_firmware:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17382"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hanno B\u00f6ck (hanno@hboeck.de), Juraj Somorovsky (juraj.somorovsky@rub.de) of Ruhr-Universit\u00e4t Bochum / Hackmanit GmbH and Craig Young (vuln report@secur3.us) of Tripwire VERT.",
"sources": [
{
"db": "BID",
"id": "102173"
}
],
"trust": 0.3
},
"cve": "CVE-2017-17382",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-17382",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-108399",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-17382",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-17382",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-498",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-108399",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108399"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"db": "NVD",
"id": "CVE-2017-17382"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as a \"ROBOT attack\". Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Contains an information disclosure vulnerability.Information may be obtained. Multiple Citrix Products are prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to perform man-in-the-middle attacks to obtain sensitive information, and perform unauthorized actions. Successful exploits will lead to other attacks. Security vulnerabilities exist in Citrix NetScaler ADC and NetScaler Gateway. A remote attacker can exploit this vulnerability to decrypt TLS-encrypted data",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-17382"
},
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"db": "BID",
"id": "102173"
},
{
"db": "VULHUB",
"id": "VHN-108399"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#144389",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2017-17382",
"trust": 2.8
},
{
"db": "BID",
"id": "102173",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1039985",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU92438713",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011823",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-498",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2023.1514",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-108399",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "VULHUB",
"id": "VHN-108399"
},
{
"db": "BID",
"id": "102173"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"db": "NVD",
"id": "CVE-2017-17382"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
]
},
"id": "VAR-201712-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-108399"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:23:40.731000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CTX230238",
"trust": 0.8,
"url": "https://support.citrix.com/article/ctx230238"
},
{
"title": "Citrix NetScaler Application Delivery Controller and NetScaler Gateway Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=77140"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-327",
"trust": 1.1
},
{
"problemtype": "CWE-200",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-108399"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"db": "NVD",
"id": "CVE-2017-17382"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "https://support.citrix.com/article/ctx230238"
},
{
"trust": 2.8,
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/102173"
},
{
"trust": 1.7,
"url": "https://robotattack.org/"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1039985"
},
{
"trust": 0.8,
"url": "https://robotattack.org"
},
{
"trust": 0.8,
"url": "https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-meyer.pdf"
},
{
"trust": 0.8,
"url": "http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf"
},
{
"trust": 0.8,
"url": "https://www.cert.org/historical/advisories/ca-1998-07.cfm"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc5246#section-7.4.7.1"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/203.html"
},
{
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171212-bleichenbacher"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k21905460"
},
{
"trust": 0.8,
"url": "https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c"
},
{
"trust": 0.8,
"url": "https://github.com/matrixssl/matrixssl/blob/master/doc/changes.md"
},
{
"trust": 0.8,
"url": "https://support.microfocus.com/kb/doc.php?id=7022561"
},
{
"trust": 0.8,
"url": "https://github.com/wolfssl/wolfssl/pull/1229"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-85268"
},
{
"trust": 0.8,
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17382"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92438713/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-17382"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.1514"
},
{
"trust": 0.3,
"url": "http://www.citrix.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "VULHUB",
"id": "VHN-108399"
},
{
"db": "BID",
"id": "102173"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"db": "NVD",
"id": "CVE-2017-17382"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "VULHUB",
"id": "VHN-108399"
},
{
"db": "BID",
"id": "102173"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"db": "NVD",
"id": "CVE-2017-17382"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-12T00:00:00",
"db": "CERT/CC",
"id": "VU#144389"
},
{
"date": "2017-12-13T00:00:00",
"db": "VULHUB",
"id": "VHN-108399"
},
{
"date": "2017-12-12T00:00:00",
"db": "BID",
"id": "102173"
},
{
"date": "2018-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"date": "2017-12-13T16:29:00.253000",
"db": "NVD",
"id": "CVE-2017-17382"
},
{
"date": "2017-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-09T00:00:00",
"db": "CERT/CC",
"id": "VU#144389"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-108399"
},
{
"date": "2017-12-19T22:38:00",
"db": "BID",
"id": "102173"
},
{
"date": "2018-01-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011823"
},
{
"date": "2019-10-03T00:03:26.223000",
"db": "NVD",
"id": "CVE-2017-17382"
},
{
"date": "2023-03-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding",
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-498"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…