All the vulnerabilites related to cisco - adaptive_security_appliance_5550_firmware
Vulnerability from fkie_nvd
Published
2018-03-05 18:29
Modified
2024-11-21 03:17
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
References
cve@mitre.orghttp://www.securityfocus.com/bid/102170Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1039984Third Party Advisory, VDB Entry
cve@mitre.orghttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacherThird Party Advisory
cve@mitre.orghttps://www.cavium.com/security-advisory-cve-2017-17428.htmlVendor Advisory
cve@mitre.orghttps://www.kb.cert.org/vuls/id/144389Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/102170Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1039984Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacherThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.cavium.com/security-advisory-cve-2017-17428.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.kb.cert.org/vuls/id/144389Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
cavium nitrox_ssl_sdk *
cavium nitrox_v_ssl_sdk *
cavium octeon_sdk *
cavium octeon_ssl_sdk *
cavium turbossl_sdk *
cisco webex_conect_im 7.24.1
cisco webex_meetings t31
cisco webex_meetings t32
cisco ace4710_application_control_engine_firmware 3.0\(0\)a5\(2.0\)
cisco ace4710_application_control_engine_firmware 3.0\(0\)a5\(3.0\)
cisco ace4710_application_control_engine_firmware 3.0\(0\)a5\(3.5\)
cisco ace_4710_application_control_engine -
cisco ace30_application_control_engine_module_firmware 3.0\(0\)a5\(2.0\)
cisco ace30_application_control_engine_module_firmware 3.0\(0\)a5\(3.0\)
cisco ace30_application_control_engine_module_firmware 3.0\(0\)a5\(3.5\)
cisco ace30_application_control_engine_module -
cisco adaptive_security_appliance_5520_firmware 9.1\(7.16\)
cisco adaptive_security_appliance_5520 -
cisco adaptive_security_appliance_5540_firmware 9.1\(7.16\)
cisco adaptive_security_appliance_5540 -
cisco adaptive_security_appliance_5550_firmware 9.1\(7.16\)
cisco adaptive_security_appliance_5550 -
cisco adaptive_security_appliance_5510_firmware 9.1\(7.16\)
cisco adaptive_security_appliance_5510 -
cisco adaptive_security_appliance_5505_firmware 9.1\(7.16\)
cisco adaptive_security_appliance_5505 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cavium:nitrox_ssl_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8DF06BB-1F8B-4A8B-BA66-028AFF9FA36E",
              "versionEndIncluding": "6.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cavium:nitrox_v_ssl_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "274D753A-E022-4E41-9114-0B26A472BB63",
              "versionEndIncluding": "1.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cavium:octeon_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7529F21A-0F87-421A-9D96-9B21A11F77D3",
              "versionEndIncluding": "1.7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cavium:octeon_ssl_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ACC7912-4FF4-49FE-B5D8-6CEAEFC25DA4",
              "versionEndIncluding": "1.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cavium:turbossl_sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B94D6A-7AC9-48B6-9A7C-7C8D23F3AFCB",
              "versionEndIncluding": "1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:webex_conect_im:7.24.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0143CB5D-07F4-4BC3-85C4-5A1A5F10D255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings:t31:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2CD55EC-37E6-4E00-97CA-CBCA430AA711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings:t32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D55BE2-8399-4B10-9430-BEB0036800C4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(2.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "24BD18A8-AEAD-459A-9E16-3790BE6543D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(3.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DD10B359-AB2A-41A6-96D2-C904F705DE7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\\(0\\)a5\\(3.5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2D7F0F7C-295C-4565-B818-FF9FBAB36249",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ace_4710_application_control_engine:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E8DDD6-4B63-4430-AF9C-2A9ABCC79E24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(2.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "60340950-50AD-47C2-B9CB-2D930D180EF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(3.0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2A4C206B-1375-41BE-8811-E334E7879A29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\\(0\\)a5\\(3.5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2FF73E89-9C67-4A37-B9BC-EC9E17C0E0CB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:ace30_application_control_engine_module:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AD4CC24-D2B1-4DEB-85AE-393CDCDD24F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5520_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D4AA2A28-18CB-4C73-B52A-4DE306B55896",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35954D5D-F767-485F-94AB-0CD8B58F6352",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5540_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "337DC063-042E-43AF-810E-8598CCEB2FD6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CCBF299-D6F5-4D00-8616-9EDE7EAFAC28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5550_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "07348020-F675-40B9-9477-914ADCB85991",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24537C8-4F9C-4979-BB1A-466ADA6C3FF5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5510_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "21A7DCB5-936E-4039-B798-2B6EF5A148BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FF7123A-5538-48AF-BD7A-A0D7962CB10E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5505_firmware:9.1\\(7.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "71174C79-2DC1-4CE7-923D-2EF2D4362CAD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC84224-8B1A-4D92-9FBD-813F6C857A77",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."
    },
    {
      "lang": "es",
      "value": "Los SDK (software development kit) de Cavium Nitrox SSL, Nitrox V SSL y TurboSSL permiten que atacantes remotos descifren datos TLS cifrados aprovechando un or\u00e1culo de relleno RSA Bleichenbacher. Esto tambi\u00e9n se conoce como ataque ROBOT."
    }
  ],
  "id": "CVE-2017-17428",
  "lastModified": "2024-11-21T03:17:55.180",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 7.1,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-03-05T18:29:00.237",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102170"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039984"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/144389"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1039984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/144389"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-327"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-12-15 20:29
Modified
2024-11-21 03:09
Severity ?
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652.
References
ykramarz@cisco.comhttp://www.securityfocus.com/bid/102170Third Party Advisory, VDB Entry
ykramarz@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacherIssue Tracking, Mitigation, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/102170Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacherIssue Tracking, Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_5505_firmware -
cisco adaptive_security_appliance_5505 -
cisco adaptive_security_appliance_5510_firmware -
cisco adaptive_security_appliance_5510 -
cisco adaptive_security_appliance_5520_firmware -
cisco adaptive_security_appliance_5520 -
cisco adaptive_security_appliance_5540_firmware -
cisco adaptive_security_appliance_5540 -
cisco adaptive_security_appliance_5550_firmware -
cisco adaptive_security_appliance_5550 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5505_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "804FAA4B-1F4A-45F2-83B0-0C8B5377F4FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AC84224-8B1A-4D92-9FBD-813F6C857A77",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5510_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E1BA0E9-B3E1-48A3-88BA-362B61127232",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FF7123A-5538-48AF-BD7A-A0D7962CB10E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5520_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06904DC-FEE6-4DB0-9DA8-08A52E5EAE7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35954D5D-F767-485F-94AB-0CD8B58F6352",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5540_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8749102F-8AF6-4FF8-9804-BFC4544BEFA8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CCBF299-D6F5-4D00-8616-9EDE7EAFAC28",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_5550_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A33CBA0-FEE5-40CA-A85D-D9F07B800138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance_5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24537C8-4F9C-4979-BB1A-466ADA6C3FF5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher\u0027s Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo TLS de dispositivos heredados Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540 y 5550)podr\u00eda permitir que un atacante remoto no autenticado acceda a informaci\u00f3n sensible. Esto tambi\u00e9n se conoce como ataque ROBOT (Return of Bleichenbacher\u0027s Oracle Threat). Un atacante podr\u00eda consultar repetidamente un servidor que ejecuta una implementaci\u00f3n de la pila TLS vulnerable para realizar operaciones criptoanal\u00edticas que podr\u00edan permitir la descodificaci\u00f3n de sesiones TLS previamente capturadas. Cisco Bug IDs: CSCvg97652."
    }
  ],
  "id": "CVE-2017-12373",
  "lastModified": "2024-11-21T03:09:24.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-12-15T20:29:00.207",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102170"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/102170"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "ykramarz@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-203"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2017-17428
Vulnerability from cvelistv5
Published
2018-03-05 18:00
Modified
2024-08-05 20:51
Severity ?
Summary
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
References
http://www.securityfocus.com/bid/102170vdb-entry, x_refsource_BID
https://www.cavium.com/security-advisory-cve-2017-17428.htmlx_refsource_CONFIRM
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbachervendor-advisory, x_refsource_CISCO
http://www.securitytracker.com/id/1039984vdb-entry, x_refsource_SECTRACK
https://www.kb.cert.org/vuls/id/144389third-party-advisory, x_refsource_CERT-VN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:51:31.376Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102170",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
          },
          {
            "name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
          },
          {
            "name": "1039984",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039984"
          },
          {
            "name": "VU#144389",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "https://www.kb.cert.org/vuls/id/144389"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-12-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-05T17:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "102170",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
        },
        {
          "name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
        },
        {
          "name": "1039984",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039984"
        },
        {
          "name": "VU#144389",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "https://www.kb.cert.org/vuls/id/144389"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-17428",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102170",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102170"
            },
            {
              "name": "https://www.cavium.com/security-advisory-cve-2017-17428.html",
              "refsource": "CONFIRM",
              "url": "https://www.cavium.com/security-advisory-cve-2017-17428.html"
            },
            {
              "name": "20171212 Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
            },
            {
              "name": "1039984",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039984"
            },
            {
              "name": "VU#144389",
              "refsource": "CERT-VN",
              "url": "https://www.kb.cert.org/vuls/id/144389"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-17428",
    "datePublished": "2018-03-05T18:00:00",
    "dateReserved": "2017-12-05T00:00:00",
    "dateUpdated": "2024-08-05T20:51:31.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-12373
Vulnerability from cvelistv5
Published
2017-12-15 20:00
Modified
2024-08-05 18:36
Severity ?
Summary
A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652.
References
http://www.securityfocus.com/bid/102170vdb-entry, x_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacherx_refsource_CONFIRM
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102170",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco legacy ASA 5500 products TLS protocol implementation",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco legacy ASA 5500 products TLS protocol implementation"
            }
          ]
        }
      ],
      "datePublic": "2017-12-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher\u0027s Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-17T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "102170",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12373",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco legacy ASA 5500 products TLS protocol implementation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco legacy ASA 5500 products TLS protocol implementation"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher\u0027s Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102170",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102170"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12373",
    "datePublished": "2017-12-15T20:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}