CVE-2017-7306

Name of the Vulnerable Software and Affected Versions Riverbed RiOS versions prior to 9.6.1

Description The issue is related to a weak default password for the secure vault in Riverbed RiOS, which can be exploited by physically proximate attackers who have knowledge of the password algorithm and the appliance serial number. This weakness can be used to defeat the secure-vault protection mechanism. It's noted that the vendor does not consider this a vulnerability as the product allows for arbitrary password changes by customers, although such changes are optional.

Recommendations For Riverbed RiOS versions prior to 9.6.1, change the default password for the secure vault to a strong, unique password to prevent exploitation. Consider implementing additional security measures to protect against physically proximate attackers.