CVE-2012-5081Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. |
| Severity | MEDIUM |
Base Score | 5.0 |
| Impact Score | 2.9 |
Exploit Score | 10.0 |
| Confidentiality Impact | NONE |
Integrity Impact | NONE |
| Availability Impact | PARTIAL |
Access Vector | |
| Authentication | NONE |
Ease of Access | |
|
|
CVE-2016-6883MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack. |
| Severity | |
Base Score | 5.9 |
| Impact Score | 3.6 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | NONE |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
CVE-2017-1000385The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS #1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key (this is a variation of the Bleichenbacher attack). |
| Severity | |
Base Score | 5.9 |
| Impact Score | 3.6 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | NONE |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
CVE-2017-12373A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652. |
| Severity | |
Base Score | 5.9 |
| Impact Score | 3.6 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | NONE |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
CVE-2017-13098BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable application. This vulnerability is referred to as "ROBOT." |
| Severity | |
Base Score | 5.9 |
| Impact Score | 3.6 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | NONE |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
CVE-2017-13099wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT." |
| Severity | |
Base Score | 5.9 |
| Impact Score | 3.6 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | NONE |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
CVE-2017-17382Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. |
| Severity | |
Base Score | 5.9 |
| Impact Score | 3.6 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | NONE |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
CVE-2017-17427Radware Alteon devices with a firmware version between 31.0.0.0-31.0.3.0 are vulnerable to an adaptive-chosen ciphertext attack ("Bleichenbacher attack"). This allows an attacker to decrypt observed traffic that has been encrypted with the RSA cipher and to perform other private key operations. |
| Severity | |
Base Score | 5.9 |
| Impact Score | 3.6 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | NONE |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
CVE-2017-17428Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. |
| Severity | |
Base Score | 5.9 |
| Impact Score | 3.6 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | NONE |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
CVE-2017-6168On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack. |
| Severity | |
Base Score | 7.4 |
| Impact Score | 5.2 |
Exploit Score | 2.2 |
| Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
| Availability Impact | NONE |
Access Vector | |
| Authentication | |
Ease of Access | |
|
|
