3 matches found
CVE-2017-5670
Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program not shred or srm, which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks...
CVE-2017-5670
CVE-2017-5670 affects Riverbed RiOS up to 9.6.0. The issue is insecure cryptographic storage: the secure vault used for server TLS certificates can be deleted with the rm program (not shred/srm), enabling a physically proximate attacker to read raw disk blocks and potentially recover private keys...
Riverbed RiOS Insecure Cryptographic Storage
Riverbed RiOS insecure cryptographic storage CVE-2017-5670 Description Riverbed Steelhead hardware appliances are used to optimize and accelerate network traffic. There can be implemented as TLS endpoints, so they have a secure vault aimed to store private TLS certificates for servers. The secure...