Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-6168 (GCVE-0-2017-6168)
Vulnerability from cvelistv5 – Published: 2017-11-17 19:00 – Updated: 2024-08-05 15:18
VLAI?
EPSS
Summary
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:18:49.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://robotattack.org/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K21905460"
},
{
"name": "101901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101901"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"name": "1039839",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039839"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-11-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-12T17:57:02.000Z",
"orgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"shortName": "f5"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://robotattack.org/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K21905460"
},
{
"name": "101901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101901"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"name": "1039839",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039839"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2017-6168",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://robotattack.org/",
"refsource": "MISC",
"url": "https://robotattack.org/"
},
{
"name": "https://support.f5.com/csp/article/K21905460",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K21905460"
},
{
"name": "101901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101901"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"name": "1039839",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039839"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9dacffd4-cb11-413f-8451-fbbfd4ddc0ab",
"assignerShortName": "f5",
"cveId": "CVE-2017-6168",
"datePublished": "2017-11-17T19:00:00.000Z",
"dateReserved": "2017-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-05T15:18:49.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2022-AVI-171
Vulnerability from certfr_avis - Published: 2022-02-23 - Updated: 2022-02-23
De multiples vulnérabilités ont été découvertes dans les commutateurs Aruba AOS-CX. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| HPE Aruba Networking | AOS | AOS-CX versions 10.06.x antérieures à 10.06.0180 | ||
| HPE Aruba Networking | AOS | AOS-CX versions 10.09.x antérieures à 10.09.0010 | ||
| HPE Aruba Networking | AOS | AOS-CX versions 10.07.x antérieures à 10.07.0061 | ||
| HPE Aruba Networking | AOS | AOS-CX versions 10.08.x antérieures à 10.08.1040 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AOS-CX versions 10.06.x ant\u00e9rieures \u00e0 10.06.0180",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-CX versions 10.09.x ant\u00e9rieures \u00e0 10.09.0010",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-CX versions 10.07.x ant\u00e9rieures \u00e0 10.07.0061",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-CX versions 10.08.x ant\u00e9rieures \u00e0 10.08.1040",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13099"
},
{
"name": "CVE-2016-6883",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6883"
},
{
"name": "CVE-2017-17427",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17427"
},
{
"name": "CVE-2012-5081",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5081"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2017-1000385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
},
{
"name": "CVE-2002-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2002-20001"
},
{
"name": "CVE-2017-6168",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6168"
},
{
"name": "CVE-2021-41000",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41000"
},
{
"name": "CVE-2017-12373",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12373"
},
{
"name": "CVE-2021-41003",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41003"
},
{
"name": "CVE-2017-17428",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17428"
},
{
"name": "CVE-2021-41001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41001"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2017-17382",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17382"
},
{
"name": "CVE-2021-41002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41002"
}
],
"initial_release_date": "2022-02-23T00:00:00",
"last_revision_date": "2022-02-23T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-171",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les commutateurs\nAruba AOS-CX. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les commutateurs Aruba AOS-CX",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Aruba AOS-CX ARUBA-PSA-2022-004 du 23 f\u00e9vrier 2022",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt"
}
]
}
CERTFR-2017-AVI-463
Vulnerability from certfr_avis - Published: 2017-12-13 - Updated: 2017-12-13
Une vulnérabilité a été découverte dans les produits F5 . Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Se r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour la liste des produits vuln\u00e9rables (cf. section Documentation)",
"product": {
"name": "N/A",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-6168",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6168"
}
],
"initial_release_date": "2017-12-13T00:00:00",
"last_revision_date": "2017-12-13T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-463",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-12-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits F5 . Elle permet \u00e0\nun attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits F5",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K21905460 du 12 d\u00e9cembre 2017",
"url": "https://support.f5.com/csp/article/K21905460"
}
]
}
CERTFR-2017-AVI-421
Vulnerability from certfr_avis - Published: 2017-11-20 - Updated: 2017-11-20
Une vulnérabilité a été découverte dans F5 BIG-IP. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| F5 | BIG-IP | BIG-IP GTM versions 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP PEM versions 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP Link Controller versions 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP LTM versions 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP ASM versions 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | F5 WebSafe 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP DNS versions 13.0.0 et 12.0.0 à 12.1.2 | ||
| F5 | BIG-IP | BIG-IP Analytics versions 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP APM versions 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP AFM versions 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 | ||
| F5 | BIG-IP | BIG-IP AAM versions 13.0.0, 12.0.0 à 12.1.2 et 11.6.0 à 11.6.2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BIG-IP GTM versions 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP PEM versions 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP Link Controller versions 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP LTM versions 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP ASM versions 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "F5 WebSafe 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP DNS versions 13.0.0 et 12.0.0 \u00e0 12.1.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP Analytics versions 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP APM versions 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP AFM versions 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
},
{
"description": "BIG-IP AAM versions 13.0.0, 12.0.0 \u00e0 12.1.2 et 11.6.0 \u00e0 11.6.2",
"product": {
"name": "BIG-IP",
"vendor": {
"name": "F5",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-6168",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6168"
}
],
"initial_release_date": "2017-11-20T00:00:00",
"last_revision_date": "2017-11-20T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-421",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans F5 BIG-IP. Elle permet \u00e0 un\nattaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans F5 BIG-IP",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 K21905460 du 17 novembre 2017",
"url": "https://support.f5.com/csp/article/K21905460"
}
]
}
GHSA-J523-GF5P-F8PM
Vulnerability from github – Published: 2022-05-13 01:05 – Updated: 2025-04-20 03:48
VLAI?
Details
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.
Severity ?
7.4 (High)
{
"affected": [],
"aliases": [
"CVE-2017-6168"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-17T19:29:00Z",
"severity": "HIGH"
},
"details": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack.",
"id": "GHSA-j523-gf5p-f8pm",
"modified": "2025-04-20T03:48:47Z",
"published": "2022-05-13T01:05:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6168"
},
{
"type": "WEB",
"url": "https://robotattack.org"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K21905460"
},
{
"type": "WEB",
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/101901"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039839"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2017-6168
Vulnerability from fkie_nvd - Published: 2017-11-17 19:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | big-ip_ltm | * | |
| f5 | big-ip_ltm | * | |
| f5 | big-ip_ltm | 13.0.0 | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | * | |
| f5 | big-ip_application_acceleration_manager | 13.0.0 | |
| f5 | big-ip_afm | * | |
| f5 | big-ip_afm | * | |
| f5 | big-ip_afm | 13.0.0 | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | * | |
| f5 | big-ip_analytics | 13.0.0 | |
| f5 | big-ip_apm | * | |
| f5 | big-ip_apm | * | |
| f5 | big-ip_apm | 13.0.0 | |
| f5 | big-ip_asm | * | |
| f5 | big-ip_asm | * | |
| f5 | big-ip_asm | 13.0.0 | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | * | |
| f5 | big-ip_link_controller | 13.0.0 | |
| f5 | big-ip_pem | * | |
| f5 | big-ip_pem | * | |
| f5 | big-ip_pem | 13.0.0 | |
| f5 | websafe | * | |
| f5 | websafe | 11.6.2 | |
| f5 | websafe | 13.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1BD6762-15E4-495A-BB93-66EBF5F81C24",
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E03DAF-41DD-45C6-BD69-EAD1423BEFF0",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_ltm:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8201185-406F-4769-8690-9734C3DA2B48",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6932A666-B5B2-463F-922E-303E95BEF9F8",
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39E45CF5-C9E4-4AB9-A6D5-66F8336DDB79",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D75D5AD-C20A-4D94-84E0-E695C9D2A26D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF5BC5CE-AD6C-4225-B45A-71E6D709F9AB",
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFC0AC4-E0A9-4EAE-B573-F70F5B5375DB",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_afm:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17A138CE-D1E3-4331-89F6-717539F1B59F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "95131361-AFA7-43CA-9426-4F9A6644D337",
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25944BCA-3EEB-4396-AC8F-EF58834BC47E",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34D75E7F-B65F-421D-92EE-6B20756019C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB69EC13-3CDB-44C9-9328-7BE4F7E0013A",
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0762B8-793F-4619-9BA6-F98654F05B9D",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_apm:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E66DDC7E-1DFA-45C0-AA78-C44EE39352E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "465D4268-5052-4FF1-936F-813E8971A72B",
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A00C9178-7218-483B-8280-5B5F39695772",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_asm:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "795163B3-60B2-4C3B-AFF9-14B19D728811",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3938A3B7-CF57-477D-9C88-478B75D720B8",
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4A5CD9B-D257-4EC9-8C57-D9552C2FFFFC",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C4414E-8016-48B5-8CC3-F97FF2D85922",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA238C0E-74F9-4395-ACE0-0B3266ED12C4",
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E02B0B-3539-467A-9A2D-0D0B24C60ABC",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:big-ip_pem:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C4700490-894F-4CCD-92A4-595043F38B7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:websafe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28F486A3-129D-470E-94B7-7ED06E3740A6",
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:websafe:11.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "186C996F-8E31-493B-BC0F-C5D831AB0BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f5:websafe:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2175D656-06F7-4708-9DC0-E859BABD3CC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack."
},
{
"lang": "es",
"value": "En BIG-IP en las versiones desde la 11.6.0 hasta la 11.6.2 (solucionado en la versi\u00f3n 11.6.2 HF1), desde la 12.0.0 hasta la 12.1.2 HF1 (solucionado en la versi\u00f3n 12.1.2 HF2) o desde la 13.0.0 hasta la 13.0.0 HF2 (solucionado en la versi\u00f3n 13.0.0 HF3) un servidor virtual configurado con un perfil SSL de cliente puede ser vulnerable a un ataque adaptativo de texto cifrado escogido (tambi\u00e9n conocido como ataque Bleichenbacher) contra RSA. Cuando se explota este ataque, puede dar lugar a la recuperaci\u00f3n de texto plano de mensajes cifrados y/o a un ataque Man-in-the-middle (MiTM), a pesar de que el atacante no haya obtenido acceso a la propia clave privada del servidor. Esto tambi\u00e9n se conoce como ataque ROBOT."
}
],
"id": "CVE-2017-6168",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-17T19:29:00.217",
"references": [
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101901"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039839"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://robotattack.org/"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K21905460"
},
{
"source": "f5sirt@f5.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://robotattack.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K21905460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
}
],
"sourceIdentifier": "f5sirt@f5.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2017-ALE-020
Vulnerability from certfr_alerte - Published: 2017-12-13 - Updated: 2018-04-06
[Mise à jour du 02/02/2018 : Ajout de l'avis de sécurité Aruba ARUBA-PSA-2018-002]
En 1998, le chercheur Daniel Bleichenbacher a découvert une vulnérabilité dans des implémentations du chiffrement RSA PKCS #1 v1.5 utilisé dans SSL.
Celle-ci permet une attaque à texte chiffré choisi. Après avoir passivement intercepté les communications entre un client et un serveur, un attaquant peut envoyer des requêtes mal formées à ce serveur, chiffrées avec la clé publique de celui-ci, dans le but d'obtenir des informations en fonction des messages d'erreurs reçus. Au bout d'un certain nombre de requêtes, l'attaquant est en mesure, sans deviner la clé privée, de récupérer la clé de session dans ses captures préalables et ainsi pouvoir déchiffrer les communications. Suivant les implémentations, ce nombre de requêtes varie de plusieurs dizaines de milliers à quelques millions. Cette attaque permet également de faire signer des messages arbitraires par le serveur.
Le 12 décembre 2017, des chercheurs ont publié leurs travaux sur cette vulnérabilité par le biais d'un site internet (cf. section Documentation) et d'un papier blanc (cf. section Documentation). En scannant internet, ils ont découvert que de nombreuses implémentations de piles TLS sont encore vulnérables, soit parce qu'elles n'ont pas été mises à jour, soit parce qu'il n'a pas été tenu compte des contre-mesures existantes.
Ces chercheurs estiment qu'une attaque de l'intercepteur actif (Mitm) est peu pratique à mettre en oeuvre à cause du temps requis pour récupérer la clé de session. En effet, celui-ci est de l'ordre de plusieurs secondes ; cela est suffisant pour une attaque hors ligne, mais trop long pour se placer discrètement dans une communication. Ils recommandent de désactiver le chiffrement RSA au profit de l'utilisation de l'algorithme de Diffie-Hellman en courbes elliptiques.
Le 30 janvier 2018, Aruba Networks a publié un avis de sécurité pour indiquer que les versions d'InstantOS antérieures à 6.5.4.6 étaient vulnérables (cf. section Documentation). La version 6.5.4.6 n'est cependant pas encore disponible et ne possède pas de date de sortie officielle.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Contournement provisoire
Le CERT-FR recommande l'utilisation des outils fournis par les chercheurs sur leur site (cf. section Documentation) afin de déterminer si des équipements sont vulnérables. D'un point de vue opérationnel, la désactivation du chiffrement RSA peut s'avérer compliquée. Il est aussi possible de surveiller les communications réseaux pour détecter des pics d'envois de messages erronés.
En cas de présence d'équipement vulnérable, les communications ne peuvent plus être considérées comme confidentielles. De même, on ne peut plus faire confiance aux messages signés par un serveur vulnérable.
Les chercheurs ont annoncé qu'ils disposaient d'une preuve de concept. Pour l'instant, celle-ci n'est pas disponible publiquement, mais ils ont annoncé qu'ils comptaient la publier après avoir laissé du temps supplémentaire aux constructeurs pour corriger cette faille.
Le CERT-FR recommande l'installation des correctifs dès que ceux-ci sont disponibles.
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Se r\u00e9f\u00e9rer \u00e0 la liste des produits affect\u00e9s sur le site du kd.cert.org (cf. section Documentation)",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2018-04-06",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\n## Contournement provisoire\n\nLe CERT-FR recommande l\u0027utilisation des outils fournis par les\nchercheurs sur leur site (cf. section Documentation) afin de d\u00e9terminer\nsi des \u00e9quipements sont vuln\u00e9rables. D\u0027un point de vue op\u00e9rationnel, la\nd\u00e9sactivation du chiffrement RSA peut s\u0027av\u00e9rer compliqu\u00e9e. Il est aussi\npossible de surveiller les communications r\u00e9seaux pour d\u00e9tecter des pics\nd\u0027envois de messages erron\u00e9s.\n\nEn cas de pr\u00e9sence d\u0027\u00e9quipement vuln\u00e9rable, les communications ne\npeuvent plus \u00eatre consid\u00e9r\u00e9es comme confidentielles. De m\u00eame, on ne peut\nplus faire confiance aux messages sign\u00e9s par un serveur vuln\u00e9rable.\n\nLes chercheurs ont annonc\u00e9 qu\u0027ils disposaient d\u0027une preuve de concept.\nPour l\u0027instant, celle-ci n\u0027est pas disponible publiquement, mais ils ont\nannonc\u00e9 qu\u0027ils comptaient la publier apr\u00e8s avoir laiss\u00e9 du temps\nsuppl\u00e9mentaire aux constructeurs pour corriger cette faille.\n\nLe CERT-FR recommande l\u0027installation des correctifs d\u00e8s que ceux-ci sont\ndisponibles.\n",
"cves": [
{
"name": "CVE-2017-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13099"
},
{
"name": "CVE-2017-1000385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
},
{
"name": "CVE-2016-6883",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6883"
},
{
"name": "CVE-2017-17428",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17428"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2012-5081",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5081"
},
{
"name": "CVE-2017-6168",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6168"
},
{
"name": "CVE-2017-17382",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17382"
},
{
"name": "CVE-2017-17427",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17427"
}
],
"initial_release_date": "2017-12-13T00:00:00",
"last_revision_date": "2018-04-06T00:00:00",
"links": [
{
"title": "Avis CERT-FR CERTFR-2017-AVI-463",
"url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2017-AVI-463/"
},
{
"title": "Return Of Bleichenbacher\u2019s Oracle Threat (ROBOT)",
"url": "https://eprint.iacr.org/2017/1189.pdf"
},
{
"title": "Liste \u00e9tendue de produits affect\u00e9s",
"url": "https://www.kb.cert.org/vuls/byvendor?searchview\u0026Query=FIELD+Reference=144389\u0026SearchOrder=4"
},
{
"title": "Avis de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2018-002 du 30 janvier 2018",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"title": "Avis CERT-FR CERTFR-2017-AVI-462",
"url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2017-AVI-462/"
}
],
"reference": "CERTFR-2017-ALE-020",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-12-13T00:00:00.000000"
},
{
"description": "Ajout de l\u0027avis de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2018-002",
"revision_date": "2018-02-02T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte",
"revision_date": "2018-04-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "\\[Mise \u00e0 jour du 02/02/2018 : Ajout de l\u0027avis de s\u00e9curit\u00e9 Aruba\nARUBA-PSA-2018-002\\]\n\nEn 1998, le chercheur\u00a0Daniel Bleichenbacher a d\u00e9couvert une\nvuln\u00e9rabilit\u00e9 dans des impl\u00e9mentations du chiffrement RSA PKCS \\#1 v1.5\nutilis\u00e9 dans SSL.\n\nCelle-ci permet une attaque \u00e0 texte chiffr\u00e9 choisi. Apr\u00e8s avoir\npassivement intercept\u00e9 les communications entre un client et un serveur,\nun attaquant peut envoyer des requ\u00eates mal form\u00e9es \u00e0 ce serveur,\nchiffr\u00e9es avec la cl\u00e9 publique de celui-ci, dans le but d\u0027obtenir des\ninformations en fonction des messages d\u0027erreurs re\u00e7us. Au bout d\u0027un\ncertain nombre de requ\u00eates, l\u0027attaquant est en mesure, sans deviner la\ncl\u00e9 priv\u00e9e, de r\u00e9cup\u00e9rer la cl\u00e9 de session dans ses captures pr\u00e9alables\net ainsi pouvoir d\u00e9chiffrer les communications. Suivant les\nimpl\u00e9mentations, ce nombre de requ\u00eates varie de plusieurs dizaines de\nmilliers \u00e0 quelques millions. Cette attaque permet \u00e9galement de faire\nsigner des messages arbitraires par le serveur.\n\nLe 12 d\u00e9cembre 2017, des chercheurs ont publi\u00e9 leurs travaux sur cette\nvuln\u00e9rabilit\u00e9 par le biais d\u0027un site internet (cf. section\nDocumentation) et d\u0027un papier blanc (cf. section Documentation). En\nscannant internet, ils ont d\u00e9couvert que de nombreuses impl\u00e9mentations\nde piles TLS sont encore vuln\u00e9rables, soit parce qu\u0027elles n\u0027ont pas \u00e9t\u00e9\nmises \u00e0 jour, soit parce qu\u0027il n\u0027a pas \u00e9t\u00e9 tenu compte des\ncontre-mesures existantes.\n\nCes chercheurs estiment qu\u0027une attaque de l\u0027intercepteur actif (Mitm)\nest peu pratique \u00e0 mettre en oeuvre \u00e0 cause du temps requis pour\nr\u00e9cup\u00e9rer la cl\u00e9 de session. En effet, celui-ci est de l\u0027ordre de\nplusieurs secondes ; cela est suffisant pour une attaque hors ligne,\nmais trop long pour se placer discr\u00e8tement dans une communication. Ils\nrecommandent de d\u00e9sactiver le chiffrement RSA au profit de l\u0027utilisation\nde l\u0027algorithme de Diffie-Hellman en courbes elliptiques.\n\nLe 30 janvier 2018, Aruba Networks a publi\u00e9 un avis de s\u00e9curit\u00e9 pour\nindiquer que les versions d\u0027InstantOS ant\u00e9rieures \u00e0 6.5.4.6 \u00e9taient\nvuln\u00e9rables (cf. section Documentation). La version 6.5.4.6 n\u0027est\ncependant pas encore disponible et ne poss\u00e8de pas de date de sortie\nofficielle.\n\n\u00a0\n",
"title": "Vuln\u00e9rabilit\u00e9 dans des impl\u00e9mentations de TLS",
"vendor_advisories": [
{
"published_at": null,
"title": "robotattack.org",
"url": "https://robotattack.org/"
}
]
}
CNVD-2017-37495
Vulnerability from cnvd - Published: 2017-12-19
VLAI Severity ?
Title
F5 BIG-IP virtual server信息泄露漏洞
Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的多合一网络设备。virtual server是其中的一个虚拟服务器。
F5 BIG-IP 11.6.0-11.6.2版本、12.0.0版本至12.1.2 HF1版本和13.0.版本至13.0.0 HF2版本中的带有Client SSL配置文件的virtual server存在安全漏洞。攻击者可利用该漏洞获取明文形式的加密消息和/或实施中间人攻击。
Severity
中
Patch Name
F5 BIG-IP virtual server信息泄露漏洞的补丁
Patch Description
F5 BIG-IP是美国F5公司的一款集成了网络流量管理、应用程序安全管理、负载均衡等功能的多合一网络设备。virtual server是其中的一个虚拟服务器。
F5 BIG-IP 11.6.0-11.6.2版本、12.0.0版本至12.1.2 HF1版本和13.0.版本至13.0.0 HF2版本中的带有Client SSL配置文件的virtual server存在安全漏洞。攻击者可利用该漏洞获取明文形式的加密消息和/或实施中间人攻击。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布漏洞修复程序,请及时关注更新: https://support.f5.com/csp/article/K21905460
Reference
https://support.f5.com/csp/article/K21905460
http://www.securityfocus.com/bid/101901
Impacted products
| Name | ['F5 BIG-IP >=11.6.0,<=11.6.2', 'F5 BIG-IP >=12.0.0,<=12.1.2 HF1', 'F5 BIG-IP >=13.0,<=13.0.0 HF2'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-6168"
}
},
"description": "F5 BIG-IP\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7ba1\u7406\u3001\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7ba1\u7406\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u591a\u5408\u4e00\u7f51\u7edc\u8bbe\u5907\u3002virtual server\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u865a\u62df\u670d\u52a1\u5668\u3002\r\n\r\nF5 BIG-IP 11.6.0-11.6.2\u7248\u672c\u300112.0.0\u7248\u672c\u81f312.1.2 HF1\u7248\u672c\u548c13.0.\u7248\u672c\u81f313.0.0 HF2\u7248\u672c\u4e2d\u7684\u5e26\u6709Client SSL\u914d\u7f6e\u6587\u4ef6\u7684virtual server\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u660e\u6587\u5f62\u5f0f\u7684\u52a0\u5bc6\u6d88\u606f\u548c/\u6216\u5b9e\u65bd\u4e2d\u95f4\u4eba\u653b\u51fb\u3002",
"discovererName": "Hanno B\u00c3\u00b6ck, Juraj Somorovsky of Ruhr-Universit\u00c3\u00a4t Bochum / Hackmanit GmbH, and Craig Young of Tripwire VERT",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://support.f5.com/csp/article/K21905460",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-37495",
"openTime": "2017-12-19",
"patchDescription": "F5 BIG-IP\u662f\u7f8e\u56fdF5\u516c\u53f8\u7684\u4e00\u6b3e\u96c6\u6210\u4e86\u7f51\u7edc\u6d41\u91cf\u7ba1\u7406\u3001\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7ba1\u7406\u3001\u8d1f\u8f7d\u5747\u8861\u7b49\u529f\u80fd\u7684\u591a\u5408\u4e00\u7f51\u7edc\u8bbe\u5907\u3002virtual server\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u865a\u62df\u670d\u52a1\u5668\u3002\r\n\r\nF5 BIG-IP 11.6.0-11.6.2\u7248\u672c\u300112.0.0\u7248\u672c\u81f312.1.2 HF1\u7248\u672c\u548c13.0.\u7248\u672c\u81f313.0.0 HF2\u7248\u672c\u4e2d\u7684\u5e26\u6709Client SSL\u914d\u7f6e\u6587\u4ef6\u7684virtual server\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u660e\u6587\u5f62\u5f0f\u7684\u52a0\u5bc6\u6d88\u606f\u548c/\u6216\u5b9e\u65bd\u4e2d\u95f4\u4eba\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "F5 BIG-IP virtual server\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"F5 BIG-IP \u003e=11.6.0\uff0c\u003c=11.6.2",
"F5 BIG-IP \u003e=12.0.0\uff0c\u003c=12.1.2 HF1",
"F5 BIG-IP \u003e=13.0\uff0c\u003c=13.0.0 HF2"
]
},
"referenceLink": "https://support.f5.com/csp/article/K21905460\r\nhttp://www.securityfocus.com/bid/101901",
"serverity": "\u4e2d",
"submitTime": "2017-11-20",
"title": "F5 BIG-IP virtual server\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}
GSD-2017-6168
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-6168",
"description": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack.",
"id": "GSD-2017-6168"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-6168"
],
"details": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack.",
"id": "GSD-2017-6168",
"modified": "2023-12-13T01:21:09.915952Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2017-6168",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://robotattack.org/",
"refsource": "MISC",
"url": "https://robotattack.org/"
},
{
"name": "https://support.f5.com/csp/article/K21905460",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K21905460"
},
{
"name": "101901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101901"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"name": "1039839",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039839"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ltm:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_ltm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_afm:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_afm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_apm:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_apm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_asm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_asm:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_pem:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:big-ip_pem:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.6.2",
"versionStartIncluding": "11.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:websafe:13.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:websafe:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.1.2",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f5:websafe:11.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "f5sirt@f5.com",
"ID": "CVE-2017-6168"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server\u0027s private key itself, aka a ROBOT attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.f5.com/csp/article/K21905460",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.f5.com/csp/article/K21905460"
},
{
"name": "1039839",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039839"
},
{
"name": "101901",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101901"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/144389"
},
{
"name": "https://robotattack.org/",
"refsource": "MISC",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://robotattack.org/"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
}
},
"lastModifiedDate": "2021-09-23T15:58Z",
"publishedDate": "2017-11-17T19:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…