Skip to main content

CVE-2017-17689

Severity Medium
Score 5.9/10

Summary

The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.

  • HIGH
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • NONE

References

Advisory Timeline

  • Published