CVE-2017-12373

A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652.

Severity	MEDIUM
CVSS	5.9
CWE	CWE-200
KEV
Published	8 years ago
Modified	6 days ago

Related Products

Product	Advisory	Evidence
SSL Visibility	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco Webex Meetings	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco WebEx Training Center	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco WebEx Support Center	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco WebEx Meeting Center	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco WebEx Event Center	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco WebEx Connect	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco ACE Application Control Engine Module	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Cisco ACE 4700 Series Application Control Engine Appliances	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln
Blue Coat Systems, Inc. SSL Visibility	cisco-sa-20171212-bleichenbacher	Cisco OpenVuln