Executive Summary

Informations
NameCVE-2017-5753First vendor Publication2018-01-04
VendorCveLast vendor Modification2019-04-23

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:M/Au:N/C:C/I:N/A:N)
Cvss Base Score4.7Attack RangeLocal
Cvss Impact Score6.9Attack ComplexityMedium
Cvss Expoit Score3.4AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753

CWE : Common Weakness Enumeration

%idName
100 %CWE-200Information Exposure

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware10
Hardware2
Hardware32
Hardware6
Hardware9
Hardware30
Hardware10
Hardware23
Hardware112
Hardware169
Hardware168
Hardware7
Hardware3
Hardware2
Hardware1
Hardware4
Hardware7
Hardware69
Hardware2
Hardware94
Hardware182
Hardware62
Hardware32
Hardware11
Hardware15
Hardware8

Snort® IPS/IDS

DateDescription
2018-02-20Intel x64 side-channel analysis information leak attempt
RuleID : 45444 - Revision : 2 - Type : OS-OTHER
2018-02-20Intel x64 side-channel analysis information leak attempt
RuleID : 45443 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x64 side-channel analysis information leak attempt
RuleID : 45368 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x64 side-channel analysis information leak attempt
RuleID : 45367 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45366 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45365 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45364 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45363 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45362 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45361 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45360 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45359 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45358 - Revision : 2 - Type : OS-OTHER
2018-02-06Intel x86 side-channel analysis information leak attempt
RuleID : 45357 - Revision : 2 - Type : OS-OTHER

Nessus® Vulnerability Scanner

DateDescription
2018-11-02Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL91229003.nasl - Type : ACT_GATHER_INFO
2018-10-31Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201810-06.nasl - Type : ACT_GATHER_INFO
2018-09-18Name : The remote EulerOS Virtualization host is missing multiple security updates.
File : EulerOS_SA-2018-1236.nasl - Type : ACT_GATHER_INFO
2018-08-17Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-1_0-0098.nasl - Type : ACT_GATHER_INFO
2018-07-24Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0011.nasl - Type : ACT_GATHER_INFO
2018-07-20Name : The remote Debian host is missing a security update.
File : debian_DLA-1423.nasl - Type : ACT_GATHER_INFO
2018-07-16Name : The remote Debian host is missing a security update.
File : debian_DLA-1422.nasl - Type : ACT_GATHER_INFO
2018-05-10Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4196.nasl - Type : ACT_GATHER_INFO
2018-05-03Name : The remote Debian host is missing a security update.
File : debian_DLA-1369.nasl - Type : ACT_GATHER_INFO
2018-05-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4187.nasl - Type : ACT_GATHER_INFO
2018-05-02Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4188.nasl - Type : ACT_GATHER_INFO
2018-04-18Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-956.nasl - Type : ACT_GATHER_INFO
2018-03-29Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_1ce95bc7327811e8b52700012e582166.nasl - Type : ACT_GATHER_INFO
2018-03-15Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-0512.nasl - Type : ACT_GATHER_INFO
2018-02-27Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2018-057-01.nasl - Type : ACT_GATHER_INFO
2018-02-23Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4120.nasl - Type : ACT_GATHER_INFO
2018-02-22Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-956.nasl - Type : ACT_GATHER_INFO
2018-02-05Name : The remote Virtuozzo host is missing multiple security updates.
File : Virtuozzo_VZA-2018-006.nasl - Type : ACT_GATHER_INFO
2018-01-30Name : A web browser installed on the remote Windows host is affected by multiple se...
File : google_chrome_64_0_3282_119.nasl - Type : ACT_GATHER_INFO
2018-01-26Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-0151.nasl - Type : ACT_GATHER_INFO
2018-01-25Name : The remote AIX host is missing a security patch.
File : aix_IJ03029.nasl - Type : ACT_GATHER_INFO
2018-01-25Name : The remote AIX host is missing a security patch.
File : aix_IJ03030.nasl - Type : ACT_GATHER_INFO
2018-01-25Name : The remote AIX host is missing a security patch.
File : aix_IJ03032.nasl - Type : ACT_GATHER_INFO
2018-01-25Name : The remote AIX host is missing a security patch.
File : aix_IJ03033.nasl - Type : ACT_GATHER_INFO
2018-01-25Name : The remote AIX host is missing a security patch.
File : aix_IJ03034.nasl - Type : ACT_GATHER_INFO
2018-01-25Name : The remote AIX host is missing a security patch.
File : aix_IJ03035.nasl - Type : ACT_GATHER_INFO
2018-01-25Name : The remote AIX host is missing a security patch.
File : aix_IJ03036.nasl - Type : ACT_GATHER_INFO
2018-01-19Name : The remote Fedora host is missing a security update.
File : fedora_2018-690989736a.nasl - Type : ACT_GATHER_INFO
2018-01-15Name : The remote Fedora host is missing a security update.
File : fedora_2018-0590e4af13.nasl - Type : ACT_GATHER_INFO
2018-01-12Name : A virtualization application installed on the remote macOS or Mac OS X host i...
File : macosx_fusion_vmsa_2018_0004.nasl - Type : ACT_GATHER_INFO
2018-01-12Name : A display driver installed on the remote Linux host is affected by multiple v...
File : nvidia_unix_cve_2017_5753.nasl - Type : ACT_GATHER_INFO
2018-01-12Name : A display driver installed on the remote Windows host is affected by multiple...
File : nvidia_win_cve_2017_5753.nasl - Type : ACT_GATHER_INFO
2018-01-09Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1002.nasl - Type : ACT_GATHER_INFO
2018-01-09Name : The remote Virtuozzo host is missing multiple security updates.
File : Virtuozzo_VZA-2018-003.nasl - Type : ACT_GATHER_INFO
2018-01-09Name : A web browser installed on the remote macOS or Mac OS X host is affected by a...
File : macosx_Safari11_0_2_patch_2018_01_08.nasl - Type : ACT_GATHER_INFO
2018-01-08Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1001.nasl - Type : ACT_GATHER_INFO
2018-01-08Name : The remote Virtuozzo host is missing multiple security updates.
File : Virtuozzo_VZA-2018-002.nasl - Type : ACT_GATHER_INFO
2018-01-05Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-0007.nasl - Type : ACT_GATHER_INFO
2018-01-05Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2018-0008.nasl - Type : ACT_GATHER_INFO
2018-01-05Name : A server virtualization platform installed on the remote host is affected by ...
File : citrix_xenserver_CTX231390.nasl - Type : ACT_GATHER_INFO
2018-01-05Name : A web browser installed on the remote macOS or Mac OS X host is affected by a...
File : macosx_firefox_57_0_4.nasl - Type : ACT_GATHER_INFO
2018-01-05Name : A web browser installed on the remote Windows host is affected by a speculati...
File : mozilla_firefox_57_0_4.nasl - Type : ACT_GATHER_INFO
2017-12-29Name : A virtualization application installed on the remote macOS or Mac OS X host i...
File : macosx_fusion_vmsa_2017_0021.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/102371
CERT-VN http://www.kb.cert.org/vuls/id/584653
https://www.kb.cert.org/vuls/id/180049
CISCO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
CONFIRM http://nvidia.custhelp.com/app/answers/detail/a_id/4609
http://nvidia.custhelp.com/app/answers/detail/a_id/4611
http://nvidia.custhelp.com/app/answers/detail/a_id/4613
http://nvidia.custhelp.com/app/answers/detail/a_id/4614
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://xenbits.xen.org/xsa/advisory-254.html
https://01.org/security/advisories/intel-oss-10002
https://access.redhat.com/security/vulnerabilities/speculativeexecution
https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-ti...
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf
https://cert.vde.com/en-us/advisories/vde-2018-002
https://cert.vde.com/en-us/advisories/vde-2018-003
https://developer.arm.com/support/arm-security-updates/speculative-processor-...
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Cente...
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
https://security.netapp.com/advisory/ntap-20180104-0001/
https://support.citrix.com/article/CTX231399
https://support.f5.com/csp/article/K91229003
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr...
https://support.lenovo.com/us/en/solutions/LEN-18282
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-securit...
https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/
https://www.synology.com/support/security/Synology_SA_18_01
https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
DEBIAN https://www.debian.org/security/2018/dsa-4187
https://www.debian.org/security/2018/dsa-4188
EXPLOIT-DB https://www.exploit-db.com/exploits/43427/
GENTOO https://security.gentoo.org/glsa/201810-06
MISC http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Pr...
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with...
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-nee...
https://spectreattack.com/
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
MLIST https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
REDHAT https://access.redhat.com/errata/RHSA-2018:0292
SECTRACK http://www.securitytracker.com/id/1040071
SUSE http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
UBUNTU https://usn.ubuntu.com/3540-1/
https://usn.ubuntu.com/3540-2/
https://usn.ubuntu.com/3541-1/
https://usn.ubuntu.com/3541-2/
https://usn.ubuntu.com/3542-1/
https://usn.ubuntu.com/3542-2/
https://usn.ubuntu.com/3549-1/
https://usn.ubuntu.com/3580-1/
https://usn.ubuntu.com/3597-1/
https://usn.ubuntu.com/3597-2/
https://usn.ubuntu.com/usn/usn-3516-1/

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
DateInformations
2019-04-24 05:18:55
  • Multiple Updates
2019-04-24 00:18:53
  • Multiple Updates
2019-04-02 05:18:38
  • Multiple Updates
2019-03-28 00:18:59
  • Multiple Updates
2019-02-13 17:19:13
  • Multiple Updates
2018-12-01 00:18:59
  • Multiple Updates
2018-10-31 13:21:20
  • Multiple Updates
2018-10-24 00:19:49
  • Multiple Updates
2018-08-23 17:20:04
  • Multiple Updates
2018-07-20 09:18:33
  • Multiple Updates
2018-07-17 09:19:35
  • Multiple Updates
2018-07-12 00:20:03
  • Multiple Updates
2018-05-23 09:19:02
  • Multiple Updates
2018-05-17 09:19:37
  • Multiple Updates
2018-05-03 09:19:29
  • Multiple Updates
2018-04-20 09:19:17
  • Multiple Updates
2018-03-24 09:18:24
  • Multiple Updates
2018-03-19 13:20:31
  • Multiple Updates
2018-03-16 09:19:09
  • Multiple Updates
2018-03-04 17:19:43
  • Multiple Updates
2018-02-12 13:21:46
  • Multiple Updates
2018-01-13 09:21:48
  • Multiple Updates
2018-01-12 09:22:42
  • Multiple Updates
2018-01-08 17:22:14
  • Multiple Updates
2018-01-06 09:21:49
  • Multiple Updates
2018-01-05 09:24:23
  • Multiple Updates
2018-01-04 17:21:49
  • First insertion