Security Advisory

CVE-2017-10668

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-06-30 12:00:00

Last updated 2024-08-05 17:41:55

Assigner mitre

State PUBLISHED

Description

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the transport encryption.

← Browse all CVEs View on cve.org ↗