CVE-2017-9371 Vulnerability Details

  /     /     /  

CVE-2017-9371 Metadata Quick Info

CVE Published: 14/11/2017 | CVE Updated: 16/09/2024 | CVE Year: 2017
Source: blackberry | Vendor: BlackBerry | Product: QNX Software Development Platform (QNX SDP)
Status : PUBLISHED

---

CVE-2017-9371 Description

In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Loss of integrity vulnerability
Source: BlackBerry

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).