Vulnerabilities > CVE-2017-12373 - Information Exposure Through Discrepancy vulnerability in Cisco products

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
cisco
CWE-203
nessus
metasploit

Summary

A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652.

Common Weakness Enumeration (CWE)

Metasploit

descriptionSome TLS implementations handle errors processing RSA key exchanges and encryption (PKCS #1 v1.5 messages) in a broken way that leads an adaptive chosen-chiphertext attack. Attackers cannot recover a server's private key, but they can decrypt and sign messages with it. A strong oracle occurs when the TLS server does not strictly check message formatting and needs less than a million requests on average to decode a given ciphertext. A weak oracle server strictly checks message formatting and often requires many more requests to perform the attack. This module requires Python 3 with the gmpy2 and cryptography packages to be present.
idMSF:AUXILIARY/SCANNER/SSL/BLEICHENBACHER_ORACLE
last seen2020-03-09
modified2018-08-27
published2018-02-02
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/ssl/bleichenbacher_oracle.py
titleScanner for Bleichenbacher Oracle in RSA PKCS #1 v1.5

Nessus

NASL familyGeneral
NASL idSSL_ROBOT_BLEICHENBACHER.NASL
descriptionThe remote host is affected by an information disclosure vulnerability. The SSL/TLS service supports RSA key exchanges, and incorrectly leaks whether or not the RSA key exchange sent by a client was correctly formatted. This information can allow an attacker to decrypt previous SSL/TLS sessions or impersonate the server. Note that this plugin does not attempt to recover an RSA ciphertext, however it sends a number of correct and malformed RSA ciphertexts as part of an SSL handshake and observes how the server responds. This plugin attempts to discover the vulnerability in multiple ways, by not completing the handshake and by completing it incorrectly, as well as using a variety of cipher suites. Only the first method that finds the service to be vulnerable is reported. This plugin requires report paranoia as some services will report as affected even though the issue is not exploitable.
last seen2020-04-07
modified2017-12-26
plugin id105415
published2017-12-26
reporterThis script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/105415
titleReturn Of Bleichenbacher's Oracle Threat (ROBOT) Information Disclosure