CVE-2016-10213
N/A
N/A
Summary
A10 AX1030 and possibly other devices with software before 2.7.2-P8 uses random GCM nonce generations, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging a reused nonce in a session and a "forbidden attack," a similar issue to CVE-2016-0270.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/nonce-disrespect/nonce-disrespect
- https://www.a10networks.com/blog/cve-2016-0270-gcm-nonce-vulnerability
- http://www.securityfocus.com/bid/96163
References
- https://github.com/nonce-disrespect/nonce-disrespect
- https://www.a10networks.com/blog/cve-2016-0270-gcm-nonce-vulnerability
- http://www.securityfocus.com/bid/96163
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.