Executive Summary
Summary | |
---|---|
Title | Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017 |
Informations | |||
---|---|---|---|
Name | cisco-sa-20171212-bleichenbacher | First vendor Publication | 2017-12-12 |
Vendor | Cisco | Last vendor Modification | 2017-12-12 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
On December 12, 2017, a research paper with the title Return of Bleichenbacher's Oracle Threat was made publicly available. This paper describes how some Transport Layer Security (TLS) stacks are vulnerable to variations of the classic Bleichenbacher attack on RSA key exchange. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. To exploit this vulnerability, an attacker must be able to perform both of the following actions: Capture traffic between clients and the affected TLS server. Actively establish a considerable number of TLS connections to the vulnerable server. The actual number of connections required varies with the implementation-specific vulnerabilities, and could range from hundreds of thousands to millions of connections. Multiple Cisco products are affected by this vulnerability. There may be workarounds available for selected products. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"] BEGIN PGP SIGNATURE iQKBBAEBAgBrBQJaL/wEZBxDaXNjbyBTeXN0ZW1zIFByb2R1Y3QgU2VjdXJpdHkg SW5jaWRlbnQgUmVzcG9uc2UgVGVhbSAoQ2lzY28gUFNJUlQga2V5IDIwMTYtMjAx NykgPHBzaXJ0QGNpc2NvLmNvbT4ACgkQrz2APcQAkHlK6BAAsSsjgdaWi1bKYp1k azjE40r91q/TwybCDo8uEhkjVp2GxTSVEbpjBn+xqpMWmSQr311uBe646XOzsv3e pjmCW815IljoiIY2LtjGcnznCHCa5ElK4R9iD2fS9CNz60lajdp5vnskb4m9Q7nL 5PKWtYCDNmbykZEMeIxUPKhSg3kbH2IqeBB7QPaQfktnik5C4sR/MOAylE3k8o9e L2+By023eZcwTUFl0i8Ml6fqmEPK+25wt8kAIXUmNVEIK+KpSfOz39IYPM2wWoFL HgnfD/JWyBweectFS//tCWpkRGILX6zlDfYg97kknWa6JfMr7v1cfm7ILE5/bZdl N8YJC292ruebCrKPsunBJEM8pSqc+J7SlD/zLeOFY/OTHZagdto2Qep+gyHdphFR oyyiJzHyGcSPDvh8BWFTGuzIZxu3dVGoUT/w4iVcii1eGDspzhf9Aelme0iit/Dd CR3e6LaQyXwcuZr7bxVoKp9a5Wv+TZsbhS52Mdq10x48PLUEybEbrZYDvlGE9fEL STv0G4C8VCTYKHtMAeB05zGaX7B/lKeN6xCRKY7ful87TJhMQ5kvnjqIR7DgzSee YJraDy1Lm8+6oifp62LABT/IdZoa4y29HPcJIcc3t16vWdmJuxq8RfGRlK2oyxL9 zOlqM9DiZ+rhXkHqoT9vTxth4oA= =m1yY END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm (CWE/SANS Top 25) |
50 % | CWE-203 | Information Exposure Through Discrepancy |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 2 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 | |
Os | 1 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-04-05 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45830 - Revision : 1 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45201 - Revision : 2 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45200 - Revision : 2 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45199 - Revision : 2 - Type : SERVER-OTHER |
2017-12-13 | Cisco Application Control Engine padding oracle attack attempt RuleID : 45120 - Revision : 1 - Type : SERVER-OTHER |
Alert History
Date | Informations |
---|---|
2018-03-29 17:21:19 |
|
2018-03-05 21:22:56 |
|
2018-01-04 21:23:56 |
|
2017-12-12 17:21:25 |
|