CVE-2017-5670
Summary
| CVE | CVE-2017-5670 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-04-04 16:59:00 UTC |
| Updated | 2017-05-24 01:29:00 UTC |
| Description | Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks. |
Risk And Classification
Problem Types: CWE-200
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Riverbed RiOS CVE-2017-5670 Local Security Bypass Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Riverbed Security Advisory for CVE-2017-5670, CVE-2017-7305, CVE-2017-7306, and CVE-2017-7307 | MISC | supportkb.riverbed.com | Mitigation, Vendor Advisory |
| Full Disclosure: CVE-2017-5670 : Riverbed RiOS insecure cryptographic storage | MISC | seclists.org | Mailing List, Third Party Advisory |
| Sysdream, Riverbed RiOS insecure cryptographic storage (CVE-2017-5670) | MISC | sysdream.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.