CVE-2017-15326
Description
DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit this vulnerability to crack the encrypted data and cause information leakage.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.04
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2017-15326 ,CVE-2019-19413 ,CVE-2019-19414 are affected in dbs3900_tdd_lte_firmware v100r004c10 | NCM |
| Vulnerabilities CVE-2017-15326 ,CVE-2019-19413 ,CVE-2019-19414 are affected in dbs3900_tdd_lte_firmware v100r003c00 | NCM |
| Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2017-15326) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234