Unknown
CVE-2017-14737
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2017-14737
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
- botan project,
- debian
Products
- botan,
- botan 1.11.0,
- botan 1.11.1,
- botan 1.11.10,
- botan 1.11.11,
- botan 1.11.12,
- botan 1.11.13,
- botan 1.11.14,
- botan 1.11.15,
- botan 1.11.16,
- botan 1.11.17,
- botan 1.11.18,
- botan 1.11.19,
- botan 1.11.2,
- botan 1.11.20,
- botan 1.11.21,
- botan 1.11.22,
- botan 1.11.23,
- botan 1.11.24,
- botan 1.11.25,
- botan 1.11.26,
- botan 1.11.27,
- botan 1.11.28,
- botan 1.11.3,
- botan 1.11.33,
- botan 1.11.34,
- botan 1.11.4,
- botan 1.11.5,
- botan 1.11.6,
- botan 1.11.7,
- botan 1.11.8,
- botan 1.11.9,
- botan 2.0.0,
- botan 2.0.1,
- botan 2.1.0,
- botan 2.2.0,
- debian linux 9.0
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
