Lucene search
K

6 matches found

NVD
NVD
added 2017/02/08 4:59 p.m.20 views

CVE-2016-10213

A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270...

5.9CVSS5.8AI score0.02058EPSS
Exploits0References3
Prion
Prion
added 2017/02/08 4:59 p.m.25 views

Session fixation

Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in ...

4.3CVSS5.8AI score0.03183EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/02/08 4:59 p.m.21 views

Authentication flaw

Radware devices use the same value for the first two GCM nonces, which allows remote attackers to obtain the authentication key and spoof data via a "forbidden attack," a similar issue to CVE-2016-0270. NOTE: this issue may be due to the use of a third-party Cavium product...

4.3CVSS6AI score0.03099EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2017/02/08 4:59 p.m.22 views

Authentication flaw

A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270...

4.3CVSS6AI score0.03099EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/02/08 4:0 p.m.66 views

CVE-2016-0270

IBM Domino 9.0.1 Fix Pack 3 Interim Fix 2 through 9.0.1 Fix Pack 5 Interim Fix 1 is affected when using TLS with AES-GCM; the vulnerability arises from nonce generation randomness leading to nonce reuse, enabling remote attackers to obtain the authentication key and spoof data (CVE-2016-0270). Th...

5.9CVSS5.5AI score0.03099EPSS
Exploits0References7Affected Software3
F5 Networks
F5 Networks
added 2016/06/20 12:0 a.m.44 views

SOL05405841 - GCM nonce vulnerability CVE-2016-0270

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5.9CVSS2.8AI score0.03099EPSS
Exploits0References4
Rows per page
Query Builder