CVE-2017-5670

Riverbed RiOS through 9.6.0 deletes the secure vault with the rm program (not shred or srm), which makes it easier for physically proximate attackers to obtain sensitive information by reading raw disk blocks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.6 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 29%
VendorProductVersion
riverbedrios
𝑥
≤ 9.6.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2017/Feb/25
http://www.securityfocus.com/bid/96175
https://supportkb.riverbed.com/support/index?page=content&id=S30065
https://sysdream.com/news/lab/2017-02-15-riverbed-rios-insecure-cryptographic-storage-cve-2017-5670/
http://seclists.org/fulldisclosure/2017/Feb/25
http://www.securityfocus.com/bid/96175
https://supportkb.riverbed.com/support/index?page=content&id=S30065
https://sysdream.com/news/lab/2017-02-15-riverbed-rios-insecure-cryptographic-storage-cve-2017-5670/