cnvd - cnvd-2017-37269

cnvd-2017-37269

Vulnerability from cnvd

Title: Cisco多个产品信息泄露漏洞（CNVD-2017-37269）

Description:

Cisco ASA 系列安全设备可以保护各种规模的公司网络。它可让用户随时随地使用任何设备进行高度安全的数据访问。适用于Cisco Catalyst® 6500的思科应用控制引擎模块(ACE)系列产品提供了最高水平的应用基础设施控制能力、应用性能、应用安全性和基础设施简洁性。

Cisco下一代防火墙ASA和思科应用控制引擎ACE存在信息泄露漏洞，攻击者可利用漏洞执行中间人攻击并获取敏感信息。成功的攻击有助于实施进一步的攻击行为。

Severity: 中

Patch Name: Cisco多个产品信息泄露漏洞（CNVD-2017-37269）的补丁

Patch Description:

Cisco下一代防火墙ASA和思科应用控制引擎ACE存在信息泄露漏洞，攻击者可利用漏洞执行中间人攻击并获取敏感信息。成功的攻击有助于实施进一步的攻击行为。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher

Reference: http://www.securityfocus.com/bid/102170

Impacted products

Name
['Cisco ASA 5540 Series Adaptive Security Appliance', 'Cisco ASA 5520 Series Adaptive Security Appliance', 'Cisco ASA 5510 Series Adaptive Security Appliance', 'Cisco ASA 5505 Series Adaptive Security Appliance', 'Cisco ASA 5500-X Series Firewalls 9.1(7.16)', 'Cisco Adaptive Security Appliance (ASA) 5500-X Series', 'Cisco ACE30 Application Control Engine Module', 'Cisco ACE 4710 Application Control Engine', 'Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.5)', 'Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.0)', 'Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(2.0)']

Name

['Cisco ASA 5540 Series Adaptive Security Appliance', 'Cisco ASA 5520 Series Adaptive Security Appliance', 'Cisco ASA 5510 Series Adaptive Security Appliance', 'Cisco ASA 5505 Series Adaptive Security Appliance', 'Cisco ASA 5500-X Series Firewalls 9.1(7.16)', 'Cisco Adaptive Security Appliance (ASA) 5500-X Series', 'Cisco ACE30 Application Control Engine Module', 'Cisco ACE 4710 Application Control Engine', 'Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.5)', 'Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.0)', 'Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(2.0)']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "102170"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-12373"
    }
  },
  "description": "Cisco ASA \u7cfb\u5217\u5b89\u5168\u8bbe\u5907\u53ef\u4ee5\u4fdd\u62a4\u5404\u79cd\u89c4\u6a21\u7684\u516c\u53f8\u7f51\u7edc\u3002\u5b83\u53ef\u8ba9\u7528\u6237\u968f\u65f6\u968f\u5730\u4f7f\u7528\u4efb\u4f55\u8bbe\u5907\u8fdb\u884c\u9ad8\u5ea6\u5b89\u5168\u7684\u6570\u636e\u8bbf\u95ee\u3002\u9002\u7528\u4e8eCisco Catalyst\u00ae 6500\u7684\u601d\u79d1\u5e94\u7528\u63a7\u5236\u5f15\u64ce\u6a21\u5757(ACE)\u7cfb\u5217\u4ea7\u54c1\u63d0\u4f9b\u4e86\u6700\u9ad8\u6c34\u5e73\u7684\u5e94\u7528\u57fa\u7840\u8bbe\u65bd\u63a7\u5236\u80fd\u529b\u3001\u5e94\u7528\u6027\u80fd\u3001\u5e94\u7528\u5b89\u5168\u6027\u548c\u57fa\u7840\u8bbe\u65bd\u7b80\u6d01\u6027\u3002\r\n\r\nCisco\u4e0b\u4e00\u4ee3\u9632\u706b\u5899ASA\u548c\u601d\u79d1\u5e94\u7528\u63a7\u5236\u5f15\u64ceACE\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u6267\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\u5e76\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u6210\u529f\u7684\u653b\u51fb\u6709\u52a9\u4e8e\u5b9e\u65bd\u8fdb\u4e00\u6b65\u7684\u653b\u51fb\u884c\u4e3a\u3002",
  "discovererName": "Hanno B\u00c3\u00b6ck, Juraj Somorovsky of Ruhr-Universit\u00c3\u00a4t Bochum/Hackmanit GmbH, and Craig Young of Tripwire VERT.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-37269",
  "openTime": "2017-12-18",
  "patchDescription": "Cisco ASA \u7cfb\u5217\u5b89\u5168\u8bbe\u5907\u53ef\u4ee5\u4fdd\u62a4\u5404\u79cd\u89c4\u6a21\u7684\u516c\u53f8\u7f51\u7edc\u3002\u5b83\u53ef\u8ba9\u7528\u6237\u968f\u65f6\u968f\u5730\u4f7f\u7528\u4efb\u4f55\u8bbe\u5907\u8fdb\u884c\u9ad8\u5ea6\u5b89\u5168\u7684\u6570\u636e\u8bbf\u95ee\u3002\u9002\u7528\u4e8eCisco Catalyst\u00ae 6500\u7684\u601d\u79d1\u5e94\u7528\u63a7\u5236\u5f15\u64ce\u6a21\u5757(ACE)\u7cfb\u5217\u4ea7\u54c1\u63d0\u4f9b\u4e86\u6700\u9ad8\u6c34\u5e73\u7684\u5e94\u7528\u57fa\u7840\u8bbe\u65bd\u63a7\u5236\u80fd\u529b\u3001\u5e94\u7528\u6027\u80fd\u3001\u5e94\u7528\u5b89\u5168\u6027\u548c\u57fa\u7840\u8bbe\u65bd\u7b80\u6d01\u6027\u3002\r\n\r\nCisco\u4e0b\u4e00\u4ee3\u9632\u706b\u5899ASA\u548c\u601d\u79d1\u5e94\u7528\u63a7\u5236\u5f15\u64ceACE\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6f0f\u6d1e\u6267\u884c\u4e2d\u95f4\u4eba\u653b\u51fb\u5e76\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u3002\u6210\u529f\u7684\u653b\u51fb\u6709\u52a9\u4e8e\u5b9e\u65bd\u8fdb\u4e00\u6b65\u7684\u653b\u51fb\u884c\u4e3a\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco\u591a\u4e2a\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-37269\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco ASA 5540 Series Adaptive Security Appliance",
      "Cisco ASA 5520 Series Adaptive Security Appliance",
      "Cisco ASA 5510 Series Adaptive Security Appliance",
      "Cisco ASA 5505 Series Adaptive Security Appliance",
      "Cisco ASA 5500-X Series Firewalls 9.1(7.16)",
      "Cisco Adaptive Security Appliance (ASA) 5500-X Series",
      "Cisco ACE30 Application Control Engine Module",
      "Cisco ACE 4710 Application Control Engine",
      "Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.5)",
      "Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(3.0)",
      "Cisco ACE 4700 Series Application Control Engine Appliances 3.0(0)A5(2.0)"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/102170",
  "serverity": "\u4e2d",
  "submitTime": "2017-12-18",
  "title": "Cisco\u591a\u4e2a\u4ea7\u54c1\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2017-37269\uff09"
}

CVE-2017-12373 (GCVE-0-2017-12373)

Vulnerability from cvelistv5

Published

2017-12-15 20:00

Modified

2024-08-05 18:36

Severity ?

CWE

CWE-200

Summary

A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/102170	vdb-entry, x_refsource_BID
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Cisco legacy ASA 5500 products TLS protocol implementation	Version: Cisco legacy ASA 5500 products TLS protocol implementation

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:36:56.096Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "102170",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco legacy ASA 5500 products TLS protocol implementation",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Cisco legacy ASA 5500 products TLS protocol implementation"
            }
          ]
        }
      ],
      "datePublic": "2017-12-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher\u0027s Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-17T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "102170",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2017-12373",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco legacy ASA 5500 products TLS protocol implementation",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Cisco legacy ASA 5500 products TLS protocol implementation"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher\u0027s Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "102170",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102170"
            },
            {
              "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher",
              "refsource": "CONFIRM",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2017-12373",
    "datePublished": "2017-12-15T20:00:00",
    "dateReserved": "2017-08-03T00:00:00",
    "dateUpdated": "2024-08-05T18:36:56.096Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted