CVE-2017-5933
Last modified
CVE-2017-5933 is a vulnerability of currently unknown severity. Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270.. EPSS estimates a 3.18% chance of exploitation in the next 30 days.
Description
Citrix NetScaler ADC and NetScaler Gateway 10.5 before Build 65.11, 11.0 before Build 69.12/69.123, and 11.1 before Build 51.21 randomly generates GCM nonces, which makes it marginally easier for remote attackers to obtain the GCM authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Citrix | Netscaler Application Delivery Controller Firmware | <= 10.5.65.11 |
| Citrix | Netscaler Application Delivery Controller Firmware | <= 11.0.69.12 |
| Citrix | Netscaler Application Delivery Controller Firmware | <= 11.1.51.21 |
References
- http://www.securityfocus.com/bid/96151Third Party Advisory, VDB Entry
- https://github.com/nonce-disrespect/nonce-disrespectThird Party Advisory
- https://support.citrix.com/article/CTX220329Vendor Advisory
- http://www.securityfocus.com/bid/96151Third Party Advisory, VDB Entry
- https://github.com/nonce-disrespect/nonce-disrespectThird Party Advisory
- https://support.citrix.com/article/CTX220329Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-5933?
How severe is CVE-2017-5933?
How do I fix CVE-2017-5933?
Are you affected by CVE-2017-5933?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST