CVE-2017-17689
Summary
The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
- HIGH
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- HIGH
- NONE
References
Advisory Timeline
- Published