CVE-2017-17382

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
References
Link Resource
https://www.kb.cert.org/vuls/id/144389 Third Party Advisory US Government Resource
https://support.citrix.com/article/ctx230238 Vendor Advisory
https://robotattack.org/ Third Party Advisory
http://www.securitytracker.com/id/1039985 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/102173 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:citrix:application_delivery_controller_firmware:10.5:*:*:*:*:*:*:*
cpe:2.3:o:citrix:application_delivery_controller_firmware:11.1:*:*:*:*:*:*:*
cpe:2.3:o:citrix:application_delivery_controller_firmware:12.0:*:*:*:*:*:*:*
cpe:2.3:o:citrix:application_delivery_controller_firmware:11.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:citrix:netscaler_gateway_firmware:11.1:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:10.5:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:11.0:*:*:*:*:*:*:*
cpe:2.3:o:citrix:netscaler_gateway_firmware:12.0:*:*:*:*:*:*:*

Information

Published : 2017-12-13 08:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-17382

Mitre link : CVE-2017-17382


JSON object : View

CWE
CWE-327

Use of a Broken or Risky Cryptographic Algorithm

Advertisement

dedicated server usa

Products Affected

citrix

  • application_delivery_controller_firmware
  • netscaler_gateway_firmware