+ Product
Solution Pricing
+ Resources
+ Company
Research Center Contact
Login Try for Free
Research Center
CVE-2017-5753 Research Center

CVE-2017-5753

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

  • 5.6 medium severity

  • CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

  • 04/01/2018

Products 7

Fu

Fusion

by Vmware

88 Versions

a month ago

Workstation

by Vmware

142 Versions

4 months ago

Ro

Router Manager

by Synology

59 Versions

6 months ago

So

Solidfire

by Netapp

1 Version

6 months ago

Di

Diskstation Manager

by Synology

107 Versions

9 months ago

Sk

Skynas

by Synology

2 Versions

9 months ago

HC

HCI

by Netapp

1 Version

3 years ago

Operating Systems 66

So

Solaris

by Oracle

75 Versions

22 days ago

ES

ESXI

by Vmware

439 Versions

2 months ago

SU

SUSE Linux Enterprise Server

by SUSE

66 Versions

3 months ago

Vs

Vs360hd Firmware

by Synology

1 Version

3 years ago

SU

SUSE Linux Enterprise Software Development Kit

by SUSE

14 Versions

3 years ago

Co

Cortex-A Firmware

by Arm

1 Version

3 years ago

Co

Cortex-R Firmware

by Arm

1 Version

3 years ago

BT

BTC12 Firmware

by Pepperl-Fuchs

1 Version

3 years ago

BT

BTC14 Firmware

by Pepperl-Fuchs

1 Version

3 years ago

BL

BL PPC 1000 Firmware

by Phoenixcontact

1 Version

3 years ago

Vulnerability Categories 1

Information Exposure

Advisory Links 66

https://lists.debian.org/debian-lts-announce/2018/07/msg00015.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00016.html
https://www.debian.org/security/2018/dsa-4187
https://www.debian.org/security/2018/dsa-4188
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
https://security.gentoo.org/glsa/201810-06
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html
https://lists.debian.org/debian-lts-announce/2018/07/msg00020.html
https://01.org/security/advisories/intel-oss-10002
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://www.kb.cert.org/vuls/id/180049
https://cert-portal.siemens.com/productcert/pdf/ssa-505225.pdf
https://seclists.org/bugtraq/2019/Jun/36
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-003.txt
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00016.html
http://nvidia.custhelp.com/app/answers/detail/a_id/4609
http://nvidia.custhelp.com/app/answers/detail/a_id/4611
http://nvidia.custhelp.com/app/answers/detail/a_id/4613
http://nvidia.custhelp.com/app/answers/detail/a_id/4614
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt
http://www.kb.cert.org/vuls/id/584653
http://www.securitytracker.com/id/1040071
http://xenbits.xen.org/xsa/advisory-254.html
https://access.redhat.com/errata/RHSA-2018:0292
https://access.redhat.com/security/vulnerabilities/speculativeexecution
https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
https://cert.vde.com/en-us/advisories/vde-2018-002
https://cert.vde.com/en-us/advisories/vde-2018-003
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
https://security.netapp.com/advisory/ntap-20180104-0001/
https://support.citrix.com/article/CTX231399
https://support.f5.com/csp/article/K91229003
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03871en_us
https://support.lenovo.com/us/en/solutions/LEN-18282
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
https://usn.ubuntu.com/3540-2/
https://usn.ubuntu.com/3541-2/
https://usn.ubuntu.com/3597-1/
https://usn.ubuntu.com/3597-2/
https://usn.ubuntu.com/usn/usn-3516-1/
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-18-0001
https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/
https://www.synology.com/support/security/Synology_SA_18_01
http://packetstormsecurity.com/files/145645/Spectre-Information-Disclosure-Proof-Of-Concept.html
http://www.securityfocus.com/bid/102371
https://spectreattack.com/
https://usn.ubuntu.com/3540-1/
https://usn.ubuntu.com/3541-1/
https://usn.ubuntu.com/3542-1/
https://usn.ubuntu.com/3542-2/
https://usn.ubuntu.com/3549-1/
https://usn.ubuntu.com/3580-1/
https://www.exploit-db.com/exploits/43427/
https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
https://cert-portal.siemens.com/productcert/pdf/ssa-608355.pdf
http://www.vicarius.io is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the Website is purely for informational, and educational purposes and should be independently verified and confirmed. Vicarius does not accept any liability for any loss or damage whatsoever caused in reliance upon such information or services. No statements or information presented in any form by Vicarius is intended as fact, and you agree that you will not consider the statements or information presented on the Website as fact or as a guarantee of performance.