Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-15326

Опубликовано: 23 мар. 2018
Источник: nvd
CVSS3: 4.3
CVSS2: 4.3
EPSS Низкий

Описание

DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit this vulnerability to crack the encrypted data and cause information leakage.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r004c10:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dbs3900_tdd_lte:-:*:*:*:*:*:*:*

EPSS

Процентиль: 12%
0.0004
Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-327

Связанные уязвимости

github логотип

GHSA-65pc-vpgq-hrgm

CVSS3: 4.3
github
больше 3 лет назад

DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit this vulnerability to crack the encrypted data and cause information leakage.

EPSS

Процентиль: 12%
0.0004
Низкий

4.3 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-327