Main Vulnerability Database Exploits ID:65 - Exploit for TLS Padding Oracle in Citrix NetScaler - CVE-2017-17382

ID:65 - Exploit for TLS Padding Oracle in Citrix NetScaler - CVE-2017-17382

Published: March 18, 2020

Vulnerability identifier: #VU9651

Vulnerability risk: Low

CVE-ID: CVE-2017-17382

CWE-ID: CWE-310

Exploitation vector: Adjecent network

Vulnerable software:
Citrix NetScaler

Link to public exploit:

https://www.rapid7.com/db/modules/auxiliary/scanner/ssl/bleichenbacher_oracle

Vulnerability description

The vulnerability allows a remote attacker to decrypt TLS traffic. A TLS padding Oracle issue has been detected in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway. A remote attacker with ability to establish a large number of TLS connections with the target server can conduct a modified version of the Bleichenbacher chosen-ciphertext attack against RSA PKCS#1 v1.5 encryption block formatting and decrypt the data. The attack is known as "ROBOT" (Return Of Bleichenbacher's Oracle Threat).

Remediation

Install updates from vendor's website:

Citrix NetScaler ADC and NetScaler Gateway version 12.0 earlier than build 53.22
Citrix NetScaler ADC and NetScaler Gateway version 11.1 earlier than build 56.19
Citrix NetScaler ADC and NetScaler Gateway version 11.0 earlier than build 71.22
Citrix NetScaler ADC and NetScaler Gateway version 10.5 earlier than build 67.13

ID:65 - Exploit for TLS Padding Oracle in Citrix NetScaler - CVE-2017-17382

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human