Vulnerability Details CVE-2017-17878
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters are truncated because of the default use of DES (aka the CONFIG_FEATURE_DEFAULT_PASSWD_ALGO="des" setting).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- https://blogger.davidmanouchehri.com/2017/12/steam-link-security-truncated-password.html
- https://github.com/ValveSoftware/steamlink-sdk/issues/101
- https://github.com/ValveSoftware/steamlink-sdk/issues/110
- https://blogger.davidmanouchehri.com/2017/12/steam-link-security-truncated-password.html
- https://github.com/ValveSoftware/steamlink-sdk/issues/101
- https://github.com/ValveSoftware/steamlink-sdk/issues/110
Products affected by CVE-2017-17878
-
cpe:2.3:h:valvesoftware:steam_link:-
-
cpe:2.3:o:valvesoftware:steam_link_firmware:388
-
cpe:2.3:o:valvesoftware:steam_link_firmware:390
-
cpe:2.3:o:valvesoftware:steam_link_firmware:398
-
cpe:2.3:o:valvesoftware:steam_link_firmware:400
-
cpe:2.3:o:valvesoftware:steam_link_firmware:406
-
cpe:2.3:o:valvesoftware:steam_link_firmware:410
-
cpe:2.3:o:valvesoftware:steam_link_firmware:412
-
cpe:2.3:o:valvesoftware:steam_link_firmware:414
-
cpe:2.3:o:valvesoftware:steam_link_firmware:430
-
cpe:2.3:o:valvesoftware:steam_link_firmware:433
-
cpe:2.3:o:valvesoftware:steam_link_firmware:435
-
cpe:2.3:o:valvesoftware:steam_link_firmware:437
-
cpe:2.3:o:valvesoftware:steam_link_firmware:441
-
cpe:2.3:o:valvesoftware:steam_link_firmware:447
-
cpe:2.3:o:valvesoftware:steam_link_firmware:449
-
cpe:2.3:o:valvesoftware:steam_link_firmware:462
-
cpe:2.3:o:valvesoftware:steam_link_firmware:484
-
cpe:2.3:o:valvesoftware:steam_link_firmware:487
-
cpe:2.3:o:valvesoftware:steam_link_firmware:494
-
cpe:2.3:o:valvesoftware:steam_link_firmware:497
-
cpe:2.3:o:valvesoftware:steam_link_firmware:499
-
cpe:2.3:o:valvesoftware:steam_link_firmware:503
-
cpe:2.3:o:valvesoftware:steam_link_firmware:507
-
cpe:2.3:o:valvesoftware:steam_link_firmware:513
-
cpe:2.3:o:valvesoftware:steam_link_firmware:515
-
cpe:2.3:o:valvesoftware:steam_link_firmware:516
-
cpe:2.3:o:valvesoftware:steam_link_firmware:517
-
cpe:2.3:o:valvesoftware:steam_link_firmware:518
-
cpe:2.3:o:valvesoftware:steam_link_firmware:522
-
cpe:2.3:o:valvesoftware:steam_link_firmware:524
-
cpe:2.3:o:valvesoftware:steam_link_firmware:528
-
cpe:2.3:o:valvesoftware:steam_link_firmware:532
-
cpe:2.3:o:valvesoftware:steam_link_firmware:538
-
cpe:2.3:o:valvesoftware:steam_link_firmware:540
-
cpe:2.3:o:valvesoftware:steam_link_firmware:546
-
cpe:2.3:o:valvesoftware:steam_link_firmware:550
-
cpe:2.3:o:valvesoftware:steam_link_firmware:554
-
cpe:2.3:o:valvesoftware:steam_link_firmware:560
-
cpe:2.3:o:valvesoftware:steam_link_firmware:562
-
cpe:2.3:o:valvesoftware:steam_link_firmware:564
-
cpe:2.3:o:valvesoftware:steam_link_firmware:565
-
cpe:2.3:o:valvesoftware:steam_link_firmware:566
-
cpe:2.3:o:valvesoftware:steam_link_firmware:572
-
cpe:2.3:o:valvesoftware:steam_link_firmware:574
-
cpe:2.3:o:valvesoftware:steam_link_firmware:575
-
cpe:2.3:o:valvesoftware:steam_link_firmware:578
-
cpe:2.3:o:valvesoftware:steam_link_firmware:581
-
cpe:2.3:o:valvesoftware:steam_link_firmware:582
-
cpe:2.3:o:valvesoftware:steam_link_firmware:584
-
cpe:2.3:o:valvesoftware:steam_link_firmware:585
-
cpe:2.3:o:valvesoftware:steam_link_firmware:587
-
cpe:2.3:o:valvesoftware:steam_link_firmware:589
-
cpe:2.3:o:valvesoftware:steam_link_firmware:597
-
cpe:2.3:o:valvesoftware:steam_link_firmware:600
-
cpe:2.3:o:valvesoftware:steam_link_firmware:606
-
cpe:2.3:o:valvesoftware:steam_link_firmware:607
-
cpe:2.3:o:valvesoftware:steam_link_firmware:609
-
cpe:2.3:o:valvesoftware:steam_link_firmware:610
-
cpe:2.3:o:valvesoftware:steam_link_firmware:613
-
cpe:2.3:o:valvesoftware:steam_link_firmware:614
-
cpe:2.3:o:valvesoftware:steam_link_firmware:615
-
cpe:2.3:o:valvesoftware:steam_link_firmware:617
-
cpe:2.3:o:valvesoftware:steam_link_firmware:620
-
cpe:2.3:o:valvesoftware:steam_link_firmware:623
-
cpe:2.3:o:valvesoftware:steam_link_firmware:624
-
cpe:2.3:o:valvesoftware:steam_link_firmware:626
-
cpe:2.3:o:valvesoftware:steam_link_firmware:628
-
cpe:2.3:o:valvesoftware:steam_link_firmware:630
-
cpe:2.3:o:valvesoftware:steam_link_firmware:637
-
cpe:2.3:o:valvesoftware:steam_link_firmware:639
-
cpe:2.3:o:valvesoftware:steam_link_firmware:640