What is CVE-2017-9371?

CVE-2017-9371 is a vulnerability in BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, which could allow an attacker to reduce the PRNG entropy and gain control over the system.

What is the severity of CVE-2017-9371?

The severity of CVE-2017-9371 is medium with a CVSS score of 5.9.

How does CVE-2017-9371 impact BlackBerry QNX Software Development Platform?

CVE-2017-9371 can lead to a loss of integrity in the default configuration of BlackBerry QNX SDP, making other blended attacks more practical and allowing an attacker to gain control over the system.

What versions of BlackBerry QNX SDP are affected by CVE-2017-9371?

CVE-2017-9371 affects BlackBerry QNX SDP versions 6.6.0 and 6.5.0 SP1 and earlier.

How can I fix CVE-2017-9371?

To fix CVE-2017-9371, it is recommended to update to a patched version of BlackBerry QNX SDP.

Vulnerability/
CVE-2017-9371

medium

5.9

CWE

332

14/11/2017

30/11/2017

CVE-2017-9371

First published: Tue Nov 14 2017(Updated: )

In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, making other blended attacks more practical by gaining control over environmental factors that influence seed generation.

Credit: secure@blackberry.com

Affected Software	Affected Version	How to fix
BlackBerry QNX Software Development Platform	=6.5.0
BlackBerry QNX Software Development Platform	=6.5.0-sp1
BlackBerry QNX Software Development Platform	=6.6.0

Never miss a vulnerability like this again

Reference Links

http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000046674

Frequently Asked Questions

What is CVE-2017-9371?
CVE-2017-9371 is a vulnerability in BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, which could allow an attacker to reduce the PRNG entropy and gain control over the system.
What is the severity of CVE-2017-9371?
The severity of CVE-2017-9371 is medium with a CVSS score of 5.9.
How does CVE-2017-9371 impact BlackBerry QNX Software Development Platform?
CVE-2017-9371 can lead to a loss of integrity in the default configuration of BlackBerry QNX SDP, making other blended attacks more practical and allowing an attacker to gain control over the system.
What versions of BlackBerry QNX SDP are affected by CVE-2017-9371?
CVE-2017-9371 affects BlackBerry QNX SDP versions 6.6.0 and 6.5.0 SP1 and earlier.
How can I fix CVE-2017-9371?
To fix CVE-2017-9371, it is recommended to update to a patched version of BlackBerry QNX SDP.

collector/nvd-index
agent/type
vendor/blackberry
canonical/blackberry qnx software development platform
version/blackberry qnx software development platform/6.5.0
version/blackberry qnx software development platform/6.5.0-sp1
version/blackberry qnx software development platform/6.6.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.