TLS Padding Oracle in Cisco ASA



| Updated: 2024-01-03
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-12373
CWE-ID CWE-310
Exploitation vector Local network
Public exploit N/A
Vulnerable software
 Cisco Adaptive Security Appliance (ASA)
Hardware solutions / Security hardware applicances

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) TLS Padding Oracle

EUVDB-ID: #VU84952

Risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2017-12373

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to decrypt TLS traffic.

The vulnerability exists due to an error in TLS implementation. A remote attacker with ability to establish a large number of TLS connections with the target server can conduct an adaptive-chosen ciphertext attack against RSA cipher and gain access to sensitive information.

The attack is known as "ROBOT" (Return Of Bleichenbacher's Oracle Threat).

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco Adaptive Security Appliance (ASA): before

CPE2.3 External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###