HTTP: Intel Side-Channel Information Disclosure

This signature detects attempts to exploit a known vulnerability against multiple microprocessors. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.

Extended Description

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Affected Products

Netapp solidfire

References

BugTraq: 102376 102378 102371

CVE: CVE-2017-5715

Short Name
HTTP:STC:DL:SIDE-CHANNEL-ID
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 Disclosure Information Intel Side-Channel bid:102371 bid:102376 bid:102378
Release Date
01/25/2018
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Intel

Arm

Oracle

Netapp

Debian

Canonical

CVSS Score

4.7

1.9

Found a potential security threat?