CVE-2017-7306

** DISPUTED ** Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for supporting arbitrary password changes by customers; however, a password change is optional to meet different customers' needs.

CVSS v3 6.4 MEDIUM
CVSS v2.0 1.9 LOW

6.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.5 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

1.9^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 3.4 / Impact : 2.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://seclists.org/fulldisclosure/2017/Feb/25	Exploit Technical Description Third Party Advisory
https://supportkb.riverbed.com/support/index?page=content&id=S30065	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:riverbed:rios:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-04-04 16:59

Updated : 2024-08-05 16:15

NVD link : CVE-2017-7306

Mitre link : CVE-2017-7306

CVE.ORG link : CVE-2017-7306

JSON object : View

Products Affected

riverbed

rios

CWE

CWE-521

Weak Password Requirements

{"id": "CVE-2017-7306", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.4, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.5}], "cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.4, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.5}]}, "published": "2017-04-04T16:59:00.283", "references": [{"url": "http://seclists.org/fulldisclosure/2017/Feb/25", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://supportkb.riverbed.com/support/index?page=content&id=S30065", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-521"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-521"}]}], "descriptions": [{"lang": "en", "value": "Riverbed RiOS through 9.6.0 has a weak default password for the secure vault, which makes it easier for physically proximate attackers to defeat the secure-vault protection mechanism by leveraging knowledge of the password algorithm and the appliance serial number. NOTE: the vendor believes that this does not meet the definition of a vulnerability. The product contains correct computational logic for supporting arbitrary password changes by customers; however, a password change is optional to meet different customers' needs"}, {"lang": "es", "value": "** DISPUTED ** Riverbed RiOS hasta la versi\u00f3n 9.6.0 tiene una contrase\u00f1a por defecto d\u00e9bil para la b\u00f3veda segura, lo que hace m\u00e1s f\u00e1cil para los atacantes fisicamente cercanos derrotar el mecanismo de protecci\u00f3n de la b\u00f3veda segura aprovechando el conocimiento del algoritmo de contrase\u00f1a y el n\u00famero de serie del dispositivo. NOTA: el proveedor cree que esto no cumple con la definici\u00f3n de una vulnerabilidad. El producto contiene l\u00f3gica computacional correcta para soportar cambios de contrase\u00f1a arbitrarios por parte de los clientes; Sin embargo, un cambio de contrase\u00f1a es opcional para satisfacer las necesidades de diferentes clientes."}], "lastModified": "2024-08-05T16:15:29.533", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:riverbed:rios:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8FF29F5-75EA-450E-83ED-4ABC19B7AC6A", "versionEndIncluding": "9.6.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}