CVE-2017-1000385 in otp TLS Serverinformation

Résumé

par MITRE

The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher attack).

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Réserver

29/11/2017

Divulgation

12/12/2017

Modérer

accepté

Entrée

VDB-110521

CPE

prêt

EPSS

0.22098

KEV

non

Activités

très faible

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!