VYPR
Medium severity5.9NVD Advisory· Published Jun 30, 2017· Updated Jun 17, 2026

CVE-2017-10668

CVE-2017-10668

Description

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). Under an MITM condition within the OSCI infrastructure, an attacker needs to send crafted protocol messages to analyse the CBC mode padding in order to decrypt the transport encryption.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:xoev:osci_transport_library:1.6.1:*:*:*:java:*:*:*+ 1 more
    • cpe:2.3:a:xoev:osci_transport_library:1.6.1:*:*:*:java:*:*:*
    • cpe:2.3:a:xoev:osci_transport_library:1.6:*:*:*:.net:*:*:*
  • Range: 1.6.1 (Java) and 1.6 (.NET)

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.