TLS Padding Oracle Vulnerability in Citrix NetScaler ADC and NetScaler Gateway



Published: 2017-12-13
Risk: Low
Patch available: YES
Number of vulnerabilities: 1
CVE-ID: CVE-2017-17382
CWE-ID: CWE-310
Exploitation vector: Local network
Public exploit: Public exploit code for vulnerability #1 is available.
Vulnerable software
Citrix NetScaler
Server applications / Remote management servers, RDP, SSH

Vendor: Citrix

Security Bulletin

This security bulletin contains one low-risk vulnerability.

1) TLS Padding Oracle

EUVDB-ID: #VU9651

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:F/RL:O/RC:C]

CVE-ID: CVE-2017-17382

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to decrypt TLS traffic. A TLS padding oracle issue has been detected in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway. A remote attacker with the ability to establish a large number of TLS connections with the target server can conduct a modified version of the Bleichenbacher chosen-ciphertext attack against RSA PKCS#1 v1.5 encryption block formatting and decrypt the data. The attack is known as "ROBOT" (Return Of Bleichenbacher's Oracle Threat).

Mitigation

Install updates from the vendor's website. The following releases are affected:

  • Citrix NetScaler ADC and NetScaler Gateway version 12.0 earlier than build 53.22
  • Citrix NetScaler ADC and NetScaler Gateway version 11.1 earlier than build 56.19
  • Citrix NetScaler ADC and NetScaler Gateway version 11.0 earlier than build 71.22
  • Citrix NetScaler ADC and NetScaler Gateway version 10.5 earlier than build 67.13
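
To triage an inventory against the list above, the following added example (not part of the original bulletin and not Citrix tooling) parses version banners and compares builds numerically. The banner shape `NS<branch>: Build <major>.<minor>` and the sample hosts are assumptions; `not-affected` means only that the build is not earlier than the build listed above.

```python
import re

# Builds from the advisory's list: a release on one of these branches is
# affected when its build is earlier than the build shown here.
THRESHOLDS = {"12.0": (53, 22), "11.1": (56, 19),
              "11.0": (71, 22), "10.5": (67, 13)}

# Assumed banner shape, e.g. "NetScaler NS12.0: Build 53.13.nc"
VERSION_RE = re.compile(r"NS(\d+\.\d+):\s*Build\s+(\d+)\.(\d+)", re.IGNORECASE)


def classify(banner):
    """Return 'affected', 'not-affected', 'branch-not-listed' or 'unparsed'."""
    m = VERSION_RE.search(banner)
    if not m:
        return "unparsed"
    threshold = THRESHOLDS.get(m.group(1))
    if threshold is None:
        # The advisory's list does not mention this branch; do not guess.
        return "branch-not-listed"
    build = (int(m.group(2)), int(m.group(3)))
    # Tuples compare numerically per component, so 56.9 < 56.19
    # (comparing the strings "56.9" and "56.19" would get this wrong).
    return "affected" if build < threshold else "not-affected"


# Constructed inventory: hostnames and banners are made up for this example.
SAMPLE_INVENTORY = """\
adc-edge-01  NetScaler NS12.0: Build 53.13.nc
adc-edge-02  NetScaler NS12.0: Build 53.22.nc
vpn-gw-01    NetScaler NS11.1: Build 56.9.nc
adc-lab-01   NetScaler NS10.1: Build 135.8.nc
adc-old-01   version unknown
"""


def triage(inventory):
    """Map each host in a 'host banner' listing to its status."""
    result = {}
    for line in inventory.splitlines():
        host, _, banner = line.partition(" ")
        if host:
            result[host] = classify(banner)
    return result


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Hosts reported as `branch-not-listed` or `unparsed` need manual review against the vendor article rather than being treated as safe.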

Vulnerable software versions

Citrix NetScaler: 10.5 Build 50.10 - 12.0 Build 53.13

External links

http://support.citrix.com/article/CTX230238
http://eprint.iacr.org/2017/1189


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

How can the attacker exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.


