Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017

cisco-sa-20171212-bleichenbacher · Medium · Published · Updated

On December 12, 2017, a research paper with the title Return of Bleichenbacher's Oracle Threat was made publicly available. This paper describes how some Transport Layer Security (TLS) stacks are vulnerable to variations of the classic Bleichenbacher attack on RSA key exchange. Multiple vulnerabilities were identified based on this research. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. To exploit these vulnerabilities, an attacker must be able to perform both of the following actions: Capture traffic between clients and the affected TLS server. Actively establish a considerable number of TLS connections to the vulnerable server. The actual number of connections required varies with the implementation-specific vulnerabilities, and could range from hundreds of thousands to millions of connections. Multiple Cisco products are affected by these vulnerabilities. Cisco has released software updates that address some of these vulnerabilities. There may be workarounds available for selected products. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher

Cisco advisory · CSAF JSON

Workarounds

Disabling use of TLS ciphers that rely on RSA for key exchange is a possible mitigation for these vulnerabilities. It is applicable only to products that support other types of ciphers, such as those based on Diffie-Hellman key exchange. This mitigation may have an impact on interoperability with legacy clients that do not support these ciphers. This mitigation is not applicable to Cisco Application Control Engine (ACE).

For potential workarounds on a specific Cisco product, refer to the relevant Cisco bug, which is available from the Cisco Bug Search Tool ["https://bst.cloudapps.cisco.com/bugsearch/bug/BUGID"].

CVEsCVE-2017-12373, CVE-2017-15533, CVE-2017-17428
Cisco Bug IDsCSCvg74693, CSCvg97652, CSCvh00296, CSCvh10981, CSCvh25064
CVSS ScoreBase 5.3
Base 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X
Product Names From Source
Blue Coat Systems, Inc. SSL Visibility, Cisco Adaptive Security Appliance (ASA) Software, Cisco ACE Application Control Engine Module, Cisco ACE 4700 Series Application Control Engine Appliances, Cisco WebEx Connect, Cisco WebEx Event Center, Cisco WebEx Meeting Center, Cisco WebEx Support Center, Cisco WebEx Training Center, Cisco Webex Meetings, SSL Visibility

Related Products

Product CVE Evidence
SSL Visibility CVE-2017-17428 Cisco OpenVuln
SSL Visibility CVE-2017-15533 Cisco OpenVuln
SSL Visibility CVE-2017-12373 Cisco OpenVuln
Cisco Webex Meetings CVE-2017-17428 Cisco OpenVuln
Cisco Webex Meetings CVE-2017-15533 Cisco OpenVuln
Cisco Webex Meetings CVE-2017-12373 Cisco OpenVuln
Cisco WebEx Training Center CVE-2017-17428 Cisco OpenVuln
Cisco WebEx Training Center CVE-2017-15533 Cisco OpenVuln
Cisco WebEx Training Center CVE-2017-12373 Cisco OpenVuln
Cisco WebEx Support Center CVE-2017-17428 Cisco OpenVuln
Cisco WebEx Support Center CVE-2017-15533 Cisco OpenVuln
Cisco WebEx Support Center CVE-2017-12373 Cisco OpenVuln
Cisco WebEx Meeting Center CVE-2017-17428 Cisco OpenVuln
Cisco WebEx Meeting Center CVE-2017-15533 Cisco OpenVuln
Cisco WebEx Meeting Center CVE-2017-12373 Cisco OpenVuln
Cisco WebEx Event Center CVE-2017-17428 Cisco OpenVuln
Cisco WebEx Event Center CVE-2017-15533 Cisco OpenVuln
Cisco WebEx Event Center CVE-2017-12373 Cisco OpenVuln
Cisco WebEx Connect CVE-2017-17428 Cisco OpenVuln
Cisco WebEx Connect CVE-2017-15533 Cisco OpenVuln
Cisco WebEx Connect CVE-2017-12373 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2017-17428 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2017-15533 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2017-12373 Cisco OpenVuln
Cisco ACE Application Control Engine Module CVE-2017-17428 Cisco OpenVuln
Cisco ACE Application Control Engine Module CVE-2017-15533 Cisco OpenVuln
Cisco ACE Application Control Engine Module CVE-2017-12373 Cisco OpenVuln
Cisco ACE 4700 Series Application Control Engine Appliances CVE-2017-17428 Cisco OpenVuln
Cisco ACE 4700 Series Application Control Engine Appliances CVE-2017-15533 Cisco OpenVuln
Cisco ACE 4700 Series Application Control Engine Appliances CVE-2017-12373 Cisco OpenVuln
Blue Coat Systems, Inc. SSL Visibility CVE-2017-17428 Cisco OpenVuln
Blue Coat Systems, Inc. SSL Visibility CVE-2017-15533 Cisco OpenVuln
Blue Coat Systems, Inc. SSL Visibility CVE-2017-12373 Cisco OpenVuln