{"api_version":"1","generated_at":"2026-04-23T09:37:18+00:00","cve":"CVE-2017-5670","urls":{"html":"https://cve.report/CVE-2017-5670","api":"https://cve.report/api/cve/CVE-2017-5670.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-5670","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-5670"},"summary":{"title":"CVE-2017-5670","description":"Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2017-04-04 16:59:00","updated_at":"2017-05-24 01:29:00"},"problem_types":["CWE-200"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/96175","name":"96175","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Riverbed RiOS CVE-2017-5670 Local Security Bypass Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://supportkb.riverbed.com/support/index?page=content&id=S30065","name":"https://supportkb.riverbed.com/support/index?page=content&id=S30065","refsource":"MISC","tags":["Mitigation","Vendor Advisory"],"title":"Riverbed Security Advisory for CVE-2017-5670, CVE-2017-7305, CVE-2017-7306, and CVE-2017-7307","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2017/Feb/25","name":"http://seclists.org/fulldisclosure/2017/Feb/25","refsource":"MISC","tags":["Mailing List","Third Party Advisory"],"title":"Full Disclosure: CVE-2017-5670 : Riverbed RiOS insecure cryptographic storage","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://sysdream.com/news/lab/2017-02-15-riverbed-rios-insecure-cryptographic-storage-cve-2017-5670/","name":"https://sysdream.com/news/lab/2017-02-15-riverbed-rios-insecure-cryptographic-storage-cve-2017-5670/","refsource":"MISC","tags":[],"title":"Sysdream, Riverbed RiOS insecure cryptographic storage (CVE-2017-5670)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-5670","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5670","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"5670","vulnerable":"1","versionEndIncluding":"9.6.0","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"riverbed","cpe5":"rios","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2017-5670","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://seclists.org/fulldisclosure/2017/Feb/25","refsource":"MISC","url":"http://seclists.org/fulldisclosure/2017/Feb/25"},{"name":"https://sysdream.com/news/lab/2017-02-15-riverbed-rios-insecure-cryptographic-storage-cve-2017-5670/","refsource":"MISC","url":"https://sysdream.com/news/lab/2017-02-15-riverbed-rios-insecure-cryptographic-storage-cve-2017-5670/"},{"name":"96175","refsource":"BID","url":"http://www.securityfocus.com/bid/96175"},{"name":"https://supportkb.riverbed.com/support/index?page=content&id=S30065","refsource":"MISC","url":"https://supportkb.riverbed.com/support/index?page=content&id=S30065"}]}},"nvd":{"publishedDate":"2017-04-04 16:59:00","lastModifiedDate":"2017-05-24 01:29:00","problem_types":["CWE-200"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.6,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:riverbed:rios:*:*:*:*:*:*:*:*","versionEndIncluding":"9.6.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"5670","Ordinal":"102252","Title":"CVE-2017-5670","CVE":"CVE-2017-5670","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"5670","Ordinal":"1","NoteData":"Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"5670","Ordinal":"2","NoteData":"2017-04-04","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"5670","Ordinal":"3","NoteData":"2017-05-22","Type":"Other","Title":"Modified"}]}}}