Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/102173 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1039985 | Third Party Advisory VDB Entry |
https://robotattack.org/ | Third Party Advisory |
https://support.citrix.com/article/ctx230238 | Vendor Advisory |
https://www.kb.cert.org/vuls/id/144389 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2017-12-13 16:29
Updated : 2024-02-28 16:04
NVD link : CVE-2017-17382
Mitre link : CVE-2017-17382
CVE.ORG link : CVE-2017-17382
JSON object : View
Products Affected
citrix
- application_delivery_controller_firmware
- netscaler_gateway_firmware
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm