What is CVE-2017-9371?

CVE-2017-9371 is a low-severity vulnerability in Blackberry Qnx_software_development_platform, classified under CWE-332. CVSS score: 2.6/10. Published 2017-11-14.

How severe is CVE-2017-9371?

Low severity. CVSS v3 base score is 2.6 out of 10.

Vulnerability in Blackberry Qnx_software_development_platform

CVE-2017-9371

In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able to reduce the entropy of the PRNG, maki…

EPSS: 0.002 (47.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.6 (Low). Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N.

Affected products

Blackberry Qnx_software_development_platform — versions 6.5.0, 6.6.0
Blackberry Qnx Software Development Platform (Qnx Sdp) — versions 6.5.0 SP1 and earlier, 6.6.0

Weakness classification (CWE)

CWE-332

References

secure@blackberry.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-9371?: CVE-2017-9371 is a low-severity vulnerability in Blackberry Qnx_software_development_platform, classified under CWE-332. CVSS score: 2.6/10. Published 2017-11-14.
How severe is CVE-2017-9371?: Low severity. CVSS v3 base score is 2.6 out of 10.