Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-13099 (GCVE-0-2017-13099)
Vulnerability from cvelistv5
Published
2017-12-13 01:00
Modified
2024-09-16 17:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "102174",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102174"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://robotattack.org/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/wolfSSL/wolfssl/pull/1229"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"all"
],
"product": "wolfSSL",
"vendor": "wolfSSL",
"versions": [
{
"status": "affected",
"version": "\u003c3.12.2"
}
]
}
],
"datePublic": "2017-12-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\""
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "102174",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102174"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://robotattack.org/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"name": "VU#144389",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/wolfSSL/wolfssl/pull/1229"
}
],
"title": "wolfSSL Bleichenbacher/ROBOT",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2017-12-12",
"ID": "CVE-2017-13099",
"STATE": "PUBLIC",
"TITLE": "wolfSSL Bleichenbacher/ROBOT"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wolfSSL",
"version": {
"version_data": [
{
"platform": "all",
"version_value": "\u003c3.12.2"
}
]
}
}
]
},
"vendor_name": "wolfSSL"
}
]
}
},
"credit": [
""
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\""
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-203"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102174"
},
{
"name": "https://robotattack.org/",
"refsource": "MISC",
"url": "https://robotattack.org/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"name": "https://github.com/wolfSSL/wolfssl/pull/1229",
"refsource": "CONFIRM",
"url": "https://github.com/wolfSSL/wolfssl/pull/1229"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13099",
"datePublished": "2017-12-13T01:00:00Z",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-09-16T17:08:12.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-13099\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2017-12-13T01:29:00.343\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \\\"ROBOT.\\\"\"},{\"lang\":\"es\",\"value\":\"wolfSSL en versiones anteriores a la 3.12.2 proporciona un or\u00e1culo de Bleichenbacher d\u00e9bil cuando se negocia una suite de cifrado TLS que utiliza un intercambio de claves RSA. Un atacante puede recuperar la clave privada desde una aplicaci\u00f3n wolfSSL vulnerable. Esta vulnerabilidad es conocida como \\\"ROBOT\\\".\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.12.2\",\"matchCriteriaId\":\"1C2A9A14-1B1B-4DE6-8FED-52D9AB890B80\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.3.0.1\",\"matchCriteriaId\":\"50A40BE1-05C5-4755-BDE9-17BA6A4F1953\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBC30055-239F-4BB1-B2D1-E5E35F0D8911\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:instant:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.5.4.6\",\"matchCriteriaId\":\"1985B038-1E77-4629-A52C-F0ACD78AF7FE\"}]}]}],\"references\":[{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/144389\",\"source\":\"cret@cert.org\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/102174\",\"source\":\"cret@cert.org\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/wolfSSL/wolfssl/pull/1229\",\"source\":\"cret@cert.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://robotattack.org/\",\"source\":\"cret@cert.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/144389\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/102174\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/wolfSSL/wolfssl/pull/1229\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://robotattack.org/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]}]}}"
}
}
icsa-18-282-02
Vulnerability from csaf_cisa
Published
2018-10-09 00:00
Modified
2018-10-09 00:00
Summary
ICSA-18-282-02 Siemens SCALANCE W1750D
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's TXT advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
General Recommendations
As a general security measure, Siemens strongly recommends to protectnetwork access to devices with appropriate mechanisms. In order tooperate the devices in a protected IT environment, Siemens recommends toconfigure the environment according to Siemens' operational guidelinesfor Industrial Security (Download:https://www.siemens.com/cert/operational-guidelines-industrial-security),and to follow the recommendations in the product manuals.
General Recommendations
Additional information on Industrial Security by Siemens can be foundat: https://www.siemens.com/industrialsecurity
Terms of Use
Siemens Security Advisories are subject to the terms and conditions containedin Siemens' underlying license terms or other applicable agreements previouslyagreed to with Siemens (hereinafter "License Terms"). To the extent applicableto information, software or documentation made available in or through aSiemens Security Advisory, the Terms of Use of Siemens' Global Website(https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), inparticular Sections 8-10 of the Terms of Use, shall apply additionally. In caseof conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reported this vulnerability to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s TXT advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protectnetwork access to devices with appropriate mechanisms. In order tooperate the devices in a protected IT environment, Siemens recommends toconfigure the environment according to Siemens\u0027 operational guidelinesfor Industrial Security (Download:https://www.siemens.com/cert/operational-guidelines-industrial-security),and to follow the recommendations in the product manuals.",
"title": "General Recommendations"
},
{
"category": "general",
"text": "Additional information on Industrial Security by Siemens can be foundat: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions containedin Siemens\u0027 underlying license terms or other applicable agreements previouslyagreed to with Siemens (hereinafter \"License Terms\"). To the extent applicableto information, software or documentation made available in or through aSiemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website(https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), inparticular Sections 8-10 of the Terms of Use, shall apply additionally. In caseof conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-464260: TLS ROBOT vulnerability in SCALANCE W1750D",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-464260.txt"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-282-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/refs/heads/develop/csaf_files/OT/white/2018/icsa-18-282-02.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-18-282-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-282-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "ICSA-18-282-02 Siemens SCALANCE W1750D",
"tracking": {
"current_release_date": "2018-10-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-282-02",
"initial_release_date": "2018-10-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-10-09T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV8.3.0.1",
"product": {
"name": "SCALANCE W1750D",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SCALANCE W1750D"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13099",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13099"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V8.3.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109760581",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/us/en/view/109760581"
},
{
"category": "mitigation",
"details": "Siemens has identified the following specific workarounds and mitigations thatcustomers can apply to reduce the risk: Restrict access to the web interface of the affected devices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
ICSA-18-282-02
Vulnerability from csaf_cisa
Published
2018-10-09 00:00
Modified
2018-10-09 00:00
Summary
ICSA-18-282-02 Siemens SCALANCE W1750D
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's TXT advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
General Recommendations
As a general security measure, Siemens strongly recommends to protectnetwork access to devices with appropriate mechanisms. In order tooperate the devices in a protected IT environment, Siemens recommends toconfigure the environment according to Siemens' operational guidelinesfor Industrial Security (Download:https://www.siemens.com/cert/operational-guidelines-industrial-security),and to follow the recommendations in the product manuals.
General Recommendations
Additional information on Industrial Security by Siemens can be foundat: https://www.siemens.com/industrialsecurity
Terms of Use
Siemens Security Advisories are subject to the terms and conditions containedin Siemens' underlying license terms or other applicable agreements previouslyagreed to with Siemens (hereinafter "License Terms"). To the extent applicableto information, software or documentation made available in or through aSiemens Security Advisory, the Terms of Use of Siemens' Global Website(https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), inparticular Sections 8-10 of the Terms of Use, shall apply additionally. In caseof conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reported this vulnerability to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s TXT advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Multiple",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protectnetwork access to devices with appropriate mechanisms. In order tooperate the devices in a protected IT environment, Siemens recommends toconfigure the environment according to Siemens\u0027 operational guidelinesfor Industrial Security (Download:https://www.siemens.com/cert/operational-guidelines-industrial-security),and to follow the recommendations in the product manuals.",
"title": "General Recommendations"
},
{
"category": "general",
"text": "Additional information on Industrial Security by Siemens can be foundat: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions containedin Siemens\u0027 underlying license terms or other applicable agreements previouslyagreed to with Siemens (hereinafter \"License Terms\"). To the extent applicableto information, software or documentation made available in or through aSiemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website(https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), inparticular Sections 8-10 of the Terms of Use, shall apply additionally. In caseof conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-464260: TLS ROBOT vulnerability in SCALANCE W1750D",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-464260.txt"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-282-02 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/refs/heads/develop/csaf_files/OT/white/2018/icsa-18-282-02.json"
},
{
"category": "self",
"summary": "ICSA Advisory ICSA-18-282-02 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-282-02"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "ICSA-18-282-02 Siemens SCALANCE W1750D",
"tracking": {
"current_release_date": "2018-10-09T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-282-02",
"initial_release_date": "2018-10-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-10-09T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV8.3.0.1",
"product": {
"name": "SCALANCE W1750D",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SCALANCE W1750D"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13099",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "An attacker with network access to affected devices could potentially obtain a TLS session key. If the attacker is able to observe TLS traffic between a legitimate user and the device, then the attacker could decrypt the TLS traffic. The security vulnerability could be exploited by an attacker who has network access to the web interface of the device and who is able to observe TLS traffic between legitimate users and the web interface of the affected device. The vulnerability could impact the confidentiality of the communication between the affected device and a legitimate user. At the time of advisory publication no public exploitation of the security vulnerability was known.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13099"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "Update to V8.3.0.1 - Download: https://support.industry.siemens.com/cs/us/en/view/109760581",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://support.industry.siemens.com/cs/us/en/view/109760581"
},
{
"category": "mitigation",
"details": "Siemens has identified the following specific workarounds and mitigations thatcustomers can apply to reduce the risk: Restrict access to the web interface of the affected devices.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
gsd-2017-13099
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-13099",
"description": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\"",
"id": "GSD-2017-13099",
"references": [
"https://www.suse.com/security/cve/CVE-2017-13099.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-13099"
],
"details": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\"",
"id": "GSD-2017-13099",
"modified": "2023-12-13T01:21:01.859744Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"DATE_PUBLIC": "2017-12-12",
"ID": "CVE-2017-13099",
"STATE": "PUBLIC",
"TITLE": "wolfSSL Bleichenbacher/ROBOT"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "wolfSSL",
"version": {
"version_data": [
{
"platform": "all",
"version_value": "\u003c3.12.2"
}
]
}
}
]
},
"vendor_name": "wolfSSL"
}
]
}
},
"credit": [
""
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\""
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-203"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "102174",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102174"
},
{
"name": "https://robotattack.org/",
"refsource": "MISC",
"url": "https://robotattack.org/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"name": "https://github.com/wolfSSL/wolfssl/pull/1229",
"refsource": "CONFIRM",
"url": "https://github.com/wolfSSL/wolfssl/pull/1229"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.12.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.3.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:arubanetworks:instant:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.4.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13099"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://robotattack.org/",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://robotattack.org/"
},
{
"name": "https://github.com/wolfSSL/wolfssl/pull/1229",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/wolfSSL/wolfssl/pull/1229"
},
{
"name": "VU#144389",
"refsource": "CERT-VN",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"name": "102174",
"refsource": "BID",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102174"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-09T23:23Z",
"publishedDate": "2017-12-13T01:29Z"
}
}
}
CERTFR-2022-AVI-171
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les commutateurs Aruba AOS-CX. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| HPE Aruba Networking | AOS | AOS-CX versions 10.06.x antérieures à 10.06.0180 | ||
| HPE Aruba Networking | AOS | AOS-CX versions 10.09.x antérieures à 10.09.0010 | ||
| HPE Aruba Networking | AOS | AOS-CX versions 10.07.x antérieures à 10.07.0061 | ||
| HPE Aruba Networking | AOS | AOS-CX versions 10.08.x antérieures à 10.08.1040 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "AOS-CX versions 10.06.x ant\u00e9rieures \u00e0 10.06.0180",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-CX versions 10.09.x ant\u00e9rieures \u00e0 10.09.0010",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-CX versions 10.07.x ant\u00e9rieures \u00e0 10.07.0061",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
},
{
"description": "AOS-CX versions 10.08.x ant\u00e9rieures \u00e0 10.08.1040",
"product": {
"name": "AOS",
"vendor": {
"name": "HPE Aruba Networking",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13099"
},
{
"name": "CVE-2016-6883",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6883"
},
{
"name": "CVE-2017-17427",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17427"
},
{
"name": "CVE-2012-5081",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5081"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2017-1000385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
},
{
"name": "CVE-2002-20001",
"url": "https://www.cve.org/CVERecord?id=CVE-2002-20001"
},
{
"name": "CVE-2017-6168",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6168"
},
{
"name": "CVE-2021-41000",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41000"
},
{
"name": "CVE-2017-12373",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12373"
},
{
"name": "CVE-2021-41003",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41003"
},
{
"name": "CVE-2017-17428",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17428"
},
{
"name": "CVE-2021-41001",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41001"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2017-17382",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17382"
},
{
"name": "CVE-2021-41002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41002"
}
],
"initial_release_date": "2022-02-23T00:00:00",
"last_revision_date": "2022-02-23T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-171",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-02-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les commutateurs\nAruba AOS-CX. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les commutateurs Aruba AOS-CX",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Aruba AOS-CX ARUBA-PSA-2022-004 du 23 f\u00e9vrier 2022",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt"
}
]
}
CERTFR-2018-AVI-476
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans SCADA les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | SIMATIC IPC627C toutes versions | ||
| Siemens | N/A | SIMATIC IPC847C toutes versions | ||
| Siemens | N/A | SIMATIC IPC227E toutes versions | ||
| Siemens | N/A | SIMATIC ITP1000 toutes versions | ||
| Siemens | N/A | SINUMERIK Panels wtih integrated TCU toutes versions | ||
| Siemens | N/A | SIMATIC S7-1200 CPU versions antérieures à 4.2.3 exclue | ||
| Siemens | N/A | SIMATIC IPC427D versions de BIOS antérieures à 17.0x.14 exclue | ||
| Siemens | N/A | SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP (MLFB: 6ES7518-4FX00-1AC0) toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller versions comprises entre à 2.0 inclue et 2.5 exclue | ||
| Siemens | N/A | SIMATIC ET 200 SP Open Controller toutes versions | ||
| Siemens | N/A | SIMATIC Field PG M5 versions de BIOS antérieures à 22.01.06 exclue | ||
| Siemens | N/A | SIMATIC IPC477D versions de BIOS antérieures à 17.0x.14 exclue | ||
| Siemens | N/A | SIMATIC IPC827D toutes versions | ||
| Siemens | N/A | SIMATIC ET 200SP Open Controller versions supérieures à 2.0 inclue | ||
| Siemens | N/A | SCALANCE W1750D versions antérieures à 8.3.0.1 exclue | ||
| Siemens | N/A | SIMATIC IPC477E Pro versions de BIOS antérieures à 21.01.09 exclue | ||
| Siemens | N/A | SIMATIC ET 200 SP Open Controller (F) toutes versions | ||
| Siemens | N/A | SINUMERIK 840 D sl (NCU720.3B, NCU730.3B, NCU720.3, NCU730.3) toutes versions | ||
| Siemens | N/A | SIMATIC IPC427E versions de BIOS antérieures à 21.01.09 exclue | ||
| Siemens | N/A | SIMATIC S7-1500 (incl. F) versions comprises entre 2.0 inclus et 2.5 exclue | ||
| Siemens | N/A | SIMATIC IPC3000 SMART V2 toutes versions | ||
| Siemens | N/A | SIMATIC IPC277E toutes versions | ||
| Siemens | N/A | SIMATIC IPC347E toutes versions | ||
| Siemens | N/A | RUGGEDCOM RX1400 VPE toutes versions | ||
| Siemens | N/A | SIMATIC IPC647C toutes versions | ||
| Siemens | N/A | SIMATIC IPC647D toutes versions | ||
| Siemens | N/A | SIMATIC IPC627D toutes versions | ||
| Siemens | N/A | SIMOTION P320-4S toutes versions | ||
| Siemens | N/A | SIMATIC IPC827C toutes versions | ||
| Siemens | N/A | SIMOTION P320-4E toutes versions | ||
| Siemens | N/A | SIMATIC IPC547E toutes versions | ||
| Siemens | N/A | SIMATIC IPC677D toutes versions | ||
| Siemens | N/A | SINUMERIK PCU 50.5 toutes versions | ||
| Siemens | N/A | SIMATIC IPC477E versions de BIOS antérieures à 21.01.09 exclue | ||
| Siemens | N/A | SIMATIC IPC327E toutes versions | ||
| Siemens | N/A | SIMATIC IPC677C toutes versions | ||
| Siemens | N/A | SINUMERIK TCU 30.3 toutes versions | ||
| Siemens | N/A | SIMATIC IPC547G toutes versions | ||
| Siemens | N/A | SIMATIC Field PG M4 versions de BIOS antérieures à 18.01.09 exclue | ||
| Siemens | N/A | SIMATIC S7-1500 Software Controller toutes versions | ||
| Siemens | N/A | ROX II versions antérieures à 2.12.1 exclue | ||
| Siemens | N/A | SIMATIC IPC477C toutes versions | ||
| Siemens | N/A | SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0) toutes versions | ||
| Siemens | N/A | SIMATIC IPC377E toutes versions | ||
| Siemens | N/A | SIMATIC IPC847D toutes versions | ||
| Siemens | N/A | SIMATIC IPC427C toutes versions | ||
| Siemens | N/A | RUGGEDCOM APE toutes versions |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SIMATIC IPC627C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC847C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC227E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ITP1000 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK Panels wtih integrated TCU toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1200 CPU versions ant\u00e9rieures \u00e0 4.2.3 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427D versions de BIOS ant\u00e9rieures \u00e0 17.0x.14 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU S7-1518F-4 PN/DP MFP (MLFB: 6ES7518-4FX00-1AC0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller versions comprises entre \u00e0 2.0 inclue et 2.5 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200 SP Open Controller toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Field PG M5 versions de BIOS ant\u00e9rieures \u00e0 22.01.06 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477D versions de BIOS ant\u00e9rieures \u00e0 17.0x.14 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC827D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200SP Open Controller versions sup\u00e9rieures \u00e0 2.0 inclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 8.3.0.1 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477E Pro versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC ET 200 SP Open Controller (F) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK 840 D sl (NCU720.3B, NCU730.3B, NCU720.3, NCU730.3) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427E versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 (incl. F) versions comprises entre 2.0 inclus et 2.5 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC3000 SMART V2 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC277E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC347E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM RX1400 VPE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC647C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC647D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC627D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOTION P320-4S toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC827C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMOTION P320-4E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC547E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC677D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK PCU 50.5 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477E versions de BIOS ant\u00e9rieures \u00e0 21.01.09 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC327E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC677C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SINUMERIK TCU 30.3 toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC547G toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC Field PG M4 versions de BIOS ant\u00e9rieures \u00e0 18.01.09 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 Software Controller toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "ROX II versions ant\u00e9rieures \u00e0 2.12.1 exclue",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC477C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-1500 CPU S7-1518-4 PN/DP MFP (MLFB: 6ES7518-4AX00-1AC0) toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC377E toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC847D toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC IPC427C toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "RUGGEDCOM APE toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13099"
},
{
"name": "CVE-2018-13800",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13800"
},
{
"name": "CVE-2018-13805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13805"
},
{
"name": "CVE-2018-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3620"
},
{
"name": "CVE-2018-13801",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13801"
},
{
"name": "CVE-2018-3646",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3646"
},
{
"name": "CVE-2018-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3615"
}
],
"initial_release_date": "2018-10-09T00:00:00",
"last_revision_date": "2018-10-09T00:00:00",
"links": [],
"reference": "CERTFR-2018-AVI-476",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-10-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans SCADA les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans SCADA Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-507847 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-507847.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-254686 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-254686.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-347726 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-347726.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-493830 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-493830.pdf"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SCADA Siemens ssa-464260 du 9 octobre 2018",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
}
]
}
var-201712-0434
Vulnerability from variot
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT.". TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. wolfSSL Contains a cryptographic vulnerability.Information may be obtained. wolfSSL is prone to an information-disclosure vulnerability. An attacker can exploit this issue to perform man-in-the-middle attacks to obtain sensitive information, and perform unauthorized actions. Successful exploits will lead to other attacks. Versions prior to wolfSSL 3.12.2 are vulnerable
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201712-0434",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wolfssl",
"scope": "lt",
"trust": 1.8,
"vendor": "wolfssl",
"version": "3.12.2"
},
{
"model": "scalance w1750d",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "8.3.0.1"
},
{
"model": "instant",
"scope": "lt",
"trust": 1.0,
"vendor": "arubanetworks",
"version": "6.5.4.6"
},
{
"model": "wolfssl",
"scope": "eq",
"trust": 0.9,
"vendor": "wolfssl",
"version": "3.9.8"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "erlang",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "legion of the bouncy castle",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "matrixssl",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "micro focus",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wolfssl",
"version": null
},
{
"model": "wolfssl",
"scope": "eq",
"trust": 0.6,
"vendor": "wolfssl",
"version": "3.10.0a"
},
{
"model": "wolfssl",
"scope": "eq",
"trust": 0.6,
"vendor": "wolfssl",
"version": "3.6.6"
},
{
"model": "wolfssl",
"scope": "eq",
"trust": 0.6,
"vendor": "wolfssl",
"version": "3.10.0"
},
{
"model": "wolfssl",
"scope": "eq",
"trust": 0.6,
"vendor": "wolfssl",
"version": "3.10.4"
},
{
"model": "wolfssl",
"scope": "eq",
"trust": 0.3,
"vendor": "wolfssl",
"version": "3.9.10"
},
{
"model": "wolfssl",
"scope": "eq",
"trust": 0.3,
"vendor": "wolfssl",
"version": "3.9.9"
},
{
"model": "scalance w1750d",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "0"
},
{
"model": "wolfssl",
"scope": "ne",
"trust": 0.3,
"vendor": "wolfssl",
"version": "3.12.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "BID",
"id": "102174"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-574"
},
{
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.12.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.3.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.3.0.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:arubanetworks:instant:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5.4.6",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Hanno Boeck, Juraj Somorovsky of Ruhr-Universit\u00e4t Bochum / Hackmanit GmbH, and Craig Young of Tripwire VERT.",
"sources": [
{
"db": "BID",
"id": "102174"
}
],
"trust": 0.3
},
"cve": "CVE-2017-13099",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULMON",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-13099",
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "MEDIUM",
"trust": 1.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.9,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-13099",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 1.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-13099",
"trust": 1.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201712-574",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-13099",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-13099"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-574"
},
{
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\". TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. wolfSSL Contains a cryptographic vulnerability.Information may be obtained. wolfSSL is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to perform man-in-the-middle attacks to obtain sensitive information, and perform unauthorized actions. Successful exploits will lead to other attacks. \nVersions prior to wolfSSL 3.12.2 are vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-13099"
},
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"db": "BID",
"id": "102174"
},
{
"db": "VULMON",
"id": "CVE-2017-13099"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#144389",
"trust": 3.6
},
{
"db": "NVD",
"id": "CVE-2017-13099",
"trust": 2.8
},
{
"db": "BID",
"id": "102174",
"trust": 2.0
},
{
"db": "SIEMENS",
"id": "SSA-464260",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-18-282-02",
"trust": 1.2
},
{
"db": "JVN",
"id": "JVNVU92438713",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011590",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201712-574",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-13099",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "VULMON",
"id": "CVE-2017-13099"
},
{
"db": "BID",
"id": "102174"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-574"
},
{
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"id": "VAR-201712-0434",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.13247864
},
"last_update_date": "2022-05-11T23:20:28.065000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Fix for handling of static RSA padding failures #1229",
"trust": 0.8,
"url": "https://github.com/wolfssl/wolfssl/pull/1229"
},
{
"title": "wolfSSL Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77142"
},
{
"title": "Debian CVElist Bug Report Logs: wolfssl: CVE-2017-13099",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=56199568e08a4a88b5a4f0a0fa827165"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=aea3fcafd82c179d3a5dfa015e920864"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-13099"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-574"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-203",
"trust": 1.0
},
{
"problemtype": "CWE-310",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"trust": 2.8,
"url": "https://github.com/wolfssl/wolfssl/pull/1229"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/102174"
},
{
"trust": 1.7,
"url": "https://robotattack.org/"
},
{
"trust": 1.7,
"url": "http://www.arubanetworks.com/assets/alert/aruba-psa-2018-002.txt"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
},
{
"trust": 0.9,
"url": "http://cwe.mitre.org/data/definitions/203.html"
},
{
"trust": 0.8,
"url": "https://robotattack.org"
},
{
"trust": 0.8,
"url": "https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-meyer.pdf"
},
{
"trust": 0.8,
"url": "http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf"
},
{
"trust": 0.8,
"url": "https://www.cert.org/historical/advisories/ca-1998-07.cfm"
},
{
"trust": 0.8,
"url": "https://tools.ietf.org/html/rfc5246#section-7.4.7.1"
},
{
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171212-bleichenbacher"
},
{
"trust": 0.8,
"url": "https://support.citrix.com/article/ctx230238"
},
{
"trust": 0.8,
"url": "https://support.f5.com/csp/article/k21905460"
},
{
"trust": 0.8,
"url": "https://github.com/bcgit/bc-java/commit/a00b684465b38d722ca9a3543b8af8568e6bad5c"
},
{
"trust": 0.8,
"url": "https://github.com/matrixssl/matrixssl/blob/master/doc/changes.md"
},
{
"trust": 0.8,
"url": "https://support.microfocus.com/kb/doc.php?id=7022561"
},
{
"trust": 0.8,
"url": "https://community.rsa.com/docs/doc-85268"
},
{
"trust": 0.8,
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-13099"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/advisories/icsa-18-282-02"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu92438713/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-13099"
},
{
"trust": 0.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-282-02"
},
{
"trust": 0.3,
"url": "https://www.wolfssl.com/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884235"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "VULMON",
"id": "CVE-2017-13099"
},
{
"db": "BID",
"id": "102174"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-574"
},
{
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#144389"
},
{
"db": "VULMON",
"id": "CVE-2017-13099"
},
{
"db": "BID",
"id": "102174"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"db": "CNNVD",
"id": "CNNVD-201712-574"
},
{
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-12-12T00:00:00",
"db": "CERT/CC",
"id": "VU#144389"
},
{
"date": "2017-12-13T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13099"
},
{
"date": "2017-12-12T00:00:00",
"db": "BID",
"id": "102174"
},
{
"date": "2018-01-22T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"date": "2017-12-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-574"
},
{
"date": "2017-12-13T01:29:00",
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-09T00:00:00",
"db": "CERT/CC",
"id": "VU#144389"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-13099"
},
{
"date": "2018-10-10T12:00:00",
"db": "BID",
"id": "102174"
},
{
"date": "2019-07-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-011590"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201712-574"
},
{
"date": "2019-10-09T23:23:00",
"db": "NVD",
"id": "CVE-2017-13099"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-574"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding",
"sources": [
{
"db": "CERT/CC",
"id": "VU#144389"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201712-574"
}
],
"trust": 0.6
}
}
CERTFR-2017-ALE-020
Vulnerability from certfr_alerte
[Mise à jour du 02/02/2018 : Ajout de l'avis de sécurité Aruba ARUBA-PSA-2018-002]
En 1998, le chercheur Daniel Bleichenbacher a découvert une vulnérabilité dans des implémentations du chiffrement RSA PKCS #1 v1.5 utilisé dans SSL.
Celle-ci permet une attaque à texte chiffré choisi. Après avoir passivement intercepté les communications entre un client et un serveur, un attaquant peut envoyer des requêtes mal formées à ce serveur, chiffrées avec la clé publique de celui-ci, dans le but d'obtenir des informations en fonction des messages d'erreurs reçus. Au bout d'un certain nombre de requêtes, l'attaquant est en mesure, sans deviner la clé privée, de récupérer la clé de session dans ses captures préalables et ainsi pouvoir déchiffrer les communications. Suivant les implémentations, ce nombre de requêtes varie de plusieurs dizaines de milliers à quelques millions. Cette attaque permet également de faire signer des messages arbitraires par le serveur.
Le 12 décembre 2017, des chercheurs ont publié leurs travaux sur cette vulnérabilité par le biais d'un site internet (cf. section Documentation) et d'un papier blanc (cf. section Documentation). En scannant internet, ils ont découvert que de nombreuses implémentations de piles TLS sont encore vulnérables, soit parce qu'elles n'ont pas été mises à jour, soit parce qu'il n'a pas été tenu compte des contre-mesures existantes.
Ces chercheurs estiment qu'une attaque de l'intercepteur actif (Mitm) est peu pratique à mettre en oeuvre à cause du temps requis pour récupérer la clé de session. En effet, celui-ci est de l'ordre de plusieurs secondes ; cela est suffisant pour une attaque hors ligne, mais trop long pour se placer discrètement dans une communication. Ils recommandent de désactiver le chiffrement RSA au profit de l'utilisation de l'algorithme de Diffie-Hellman en courbes elliptiques.
Le 30 janvier 2018, Aruba Networks a publié un avis de sécurité pour indiquer que les versions d'InstantOS antérieures à 6.5.4.6 étaient vulnérables (cf. section Documentation). La version 6.5.4.6 n'est cependant pas encore disponible et ne possède pas de date de sortie officielle.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Contournement provisoire
Le CERT-FR recommande l'utilisation des outils fournis par les chercheurs sur leur site (cf. section Documentation) afin de déterminer si des équipements sont vulnérables. D'un point de vue opérationnel, la désactivation du chiffrement RSA peut s'avérer compliquée. Il est aussi possible de surveiller les communications réseaux pour détecter des pics d'envois de messages erronés.
En cas de présence d'équipement vulnérable, les communications ne peuvent plus être considérées comme confidentielles. De même, on ne peut plus faire confiance aux messages signés par un serveur vulnérable.
Les chercheurs ont annoncé qu'ils disposaient d'une preuve de concept. Pour l'instant, celle-ci n'est pas disponible publiquement, mais ils ont annoncé qu'ils comptaient la publier après avoir laissé du temps supplémentaire aux constructeurs pour corriger cette faille.
Le CERT-FR recommande l'installation des correctifs dès que ceux-ci sont disponibles.
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Se r\u00e9f\u00e9rer \u00e0 la liste des produits affect\u00e9s sur le site du kd.cert.org (cf. section Documentation)",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2018-04-06",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\n## Contournement provisoire\n\nLe CERT-FR recommande l\u0027utilisation des outils fournis par les\nchercheurs sur leur site (cf. section Documentation) afin de d\u00e9terminer\nsi des \u00e9quipements sont vuln\u00e9rables. D\u0027un point de vue op\u00e9rationnel, la\nd\u00e9sactivation du chiffrement RSA peut s\u0027av\u00e9rer compliqu\u00e9e. Il est aussi\npossible de surveiller les communications r\u00e9seaux pour d\u00e9tecter des pics\nd\u0027envois de messages erron\u00e9s.\n\nEn cas de pr\u00e9sence d\u0027\u00e9quipement vuln\u00e9rable, les communications ne\npeuvent plus \u00eatre consid\u00e9r\u00e9es comme confidentielles. De m\u00eame, on ne peut\nplus faire confiance aux messages sign\u00e9s par un serveur vuln\u00e9rable.\n\nLes chercheurs ont annonc\u00e9 qu\u0027ils disposaient d\u0027une preuve de concept.\nPour l\u0027instant, celle-ci n\u0027est pas disponible publiquement, mais ils ont\nannonc\u00e9 qu\u0027ils comptaient la publier apr\u00e8s avoir laiss\u00e9 du temps\nsuppl\u00e9mentaire aux constructeurs pour corriger cette faille.\n\nLe CERT-FR recommande l\u0027installation des correctifs d\u00e8s que ceux-ci sont\ndisponibles.\n",
"cves": [
{
"name": "CVE-2017-13099",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13099"
},
{
"name": "CVE-2017-1000385",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000385"
},
{
"name": "CVE-2016-6883",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6883"
},
{
"name": "CVE-2017-17428",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17428"
},
{
"name": "CVE-2017-13098",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13098"
},
{
"name": "CVE-2012-5081",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5081"
},
{
"name": "CVE-2017-6168",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6168"
},
{
"name": "CVE-2017-17382",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17382"
},
{
"name": "CVE-2017-17427",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17427"
}
],
"initial_release_date": "2017-12-13T00:00:00",
"last_revision_date": "2018-04-06T00:00:00",
"links": [
{
"title": "Avis CERT-FR CERTFR-2017-AVI-463",
"url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2017-AVI-463/"
},
{
"title": "Return Of Bleichenbacher\u2019s Oracle Threat (ROBOT)",
"url": "https://eprint.iacr.org/2017/1189.pdf"
},
{
"title": "Liste \u00e9tendue de produits affect\u00e9s",
"url": "https://www.kb.cert.org/vuls/byvendor?searchview\u0026Query=FIELD+Reference=144389\u0026SearchOrder=4"
},
{
"title": "Avis de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2018-002 du 30 janvier 2018",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"title": "Avis CERT-FR CERTFR-2017-AVI-462",
"url": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2017-AVI-462/"
}
],
"reference": "CERTFR-2017-ALE-020",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-12-13T00:00:00.000000"
},
{
"description": "Ajout de l\u0027avis de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2018-002",
"revision_date": "2018-02-02T00:00:00.000000"
},
{
"description": "Cl\u00f4ture de l\u0027alerte",
"revision_date": "2018-04-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "\\[Mise \u00e0 jour du 02/02/2018 : Ajout de l\u0027avis de s\u00e9curit\u00e9 Aruba\nARUBA-PSA-2018-002\\]\n\nEn 1998, le chercheur\u00a0Daniel Bleichenbacher a d\u00e9couvert une\nvuln\u00e9rabilit\u00e9 dans des impl\u00e9mentations du chiffrement RSA PKCS \\#1 v1.5\nutilis\u00e9 dans SSL.\n\nCelle-ci permet une attaque \u00e0 texte chiffr\u00e9 choisi. Apr\u00e8s avoir\npassivement intercept\u00e9 les communications entre un client et un serveur,\nun attaquant peut envoyer des requ\u00eates mal form\u00e9es \u00e0 ce serveur,\nchiffr\u00e9es avec la cl\u00e9 publique de celui-ci, dans le but d\u0027obtenir des\ninformations en fonction des messages d\u0027erreurs re\u00e7us. Au bout d\u0027un\ncertain nombre de requ\u00eates, l\u0027attaquant est en mesure, sans deviner la\ncl\u00e9 priv\u00e9e, de r\u00e9cup\u00e9rer la cl\u00e9 de session dans ses captures pr\u00e9alables\net ainsi pouvoir d\u00e9chiffrer les communications. Suivant les\nimpl\u00e9mentations, ce nombre de requ\u00eates varie de plusieurs dizaines de\nmilliers \u00e0 quelques millions. Cette attaque permet \u00e9galement de faire\nsigner des messages arbitraires par le serveur.\n\nLe 12 d\u00e9cembre 2017, des chercheurs ont publi\u00e9 leurs travaux sur cette\nvuln\u00e9rabilit\u00e9 par le biais d\u0027un site internet (cf. section\nDocumentation) et d\u0027un papier blanc (cf. section Documentation). En\nscannant internet, ils ont d\u00e9couvert que de nombreuses impl\u00e9mentations\nde piles TLS sont encore vuln\u00e9rables, soit parce qu\u0027elles n\u0027ont pas \u00e9t\u00e9\nmises \u00e0 jour, soit parce qu\u0027il n\u0027a pas \u00e9t\u00e9 tenu compte des\ncontre-mesures existantes.\n\nCes chercheurs estiment qu\u0027une attaque de l\u0027intercepteur actif (Mitm)\nest peu pratique \u00e0 mettre en oeuvre \u00e0 cause du temps requis pour\nr\u00e9cup\u00e9rer la cl\u00e9 de session. En effet, celui-ci est de l\u0027ordre de\nplusieurs secondes ; cela est suffisant pour une attaque hors ligne,\nmais trop long pour se placer discr\u00e8tement dans une communication. Ils\nrecommandent de d\u00e9sactiver le chiffrement RSA au profit de l\u0027utilisation\nde l\u0027algorithme de Diffie-Hellman en courbes elliptiques.\n\nLe 30 janvier 2018, Aruba Networks a publi\u00e9 un avis de s\u00e9curit\u00e9 pour\nindiquer que les versions d\u0027InstantOS ant\u00e9rieures \u00e0 6.5.4.6 \u00e9taient\nvuln\u00e9rables (cf. section Documentation). La version 6.5.4.6 n\u0027est\ncependant pas encore disponible et ne poss\u00e8de pas de date de sortie\nofficielle.\n\n\u00a0\n",
"title": "Vuln\u00e9rabilit\u00e9 dans des impl\u00e9mentations de TLS",
"vendor_advisories": [
{
"published_at": null,
"title": "robotattack.org",
"url": "https://robotattack.org/"
}
]
}
fkie_cve-2017-13099
Vulnerability from fkie_nvd
Published
2017-12-13 01:29
Modified
2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt | Third Party Advisory | |
| cret@cert.org | http://www.kb.cert.org/vuls/id/144389 | Issue Tracking, Mitigation, Third Party Advisory, US Government Resource | |
| cret@cert.org | http://www.securityfocus.com/bid/102174 | Issue Tracking, Mitigation, Third Party Advisory, VDB Entry | |
| cret@cert.org | https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf | Third Party Advisory | |
| cret@cert.org | https://github.com/wolfSSL/wolfssl/pull/1229 | Issue Tracking, Patch, Third Party Advisory | |
| cret@cert.org | https://robotattack.org/ | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/144389 | Issue Tracking, Mitigation, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/102174 | Issue Tracking, Mitigation, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/wolfSSL/wolfssl/pull/1229 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://robotattack.org/ | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wolfssl | wolfssl | * | |
| siemens | scalance_w1750d_firmware | * | |
| siemens | scalance_w1750d | - | |
| arubanetworks | instant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C2A9A14-1B1B-4DE6-8FED-52D9AB890B80",
"versionEndExcluding": "3.12.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50A40BE1-05C5-4755-BDE9-17BA6A4F1953",
"versionEndExcluding": "8.3.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC30055-239F-4BB1-B2D1-E5E35F0D8911",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arubanetworks:instant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1985B038-1E77-4629-A52C-F0ACD78AF7FE",
"versionEndExcluding": "6.5.4.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\""
},
{
"lang": "es",
"value": "wolfSSL en versiones anteriores a la 3.12.2 proporciona un or\u00e1culo de Bleichenbacher d\u00e9bil cuando se negocia una suite de cifrado TLS que utiliza un intercambio de claves RSA. Un atacante puede recuperar la clave privada desde una aplicaci\u00f3n wolfSSL vulnerable. Esta vulnerabilidad es conocida como \"ROBOT\"."
}
],
"id": "CVE-2017-13099",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "cret@cert.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-12-13T01:29:00.343",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102174"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/wolfSSL/wolfssl/pull/1229"
},
{
"source": "cret@cert.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://robotattack.org/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102174"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/wolfSSL/wolfssl/pull/1229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://robotattack.org/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-97gp-82pc-qc6x
Vulnerability from github
Published
2022-05-13 01:37
Modified
2025-04-20 03:49
Severity ?
VLAI Severity ?
Details
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
{
"affected": [],
"aliases": [
"CVE-2017-13099"
],
"database_specific": {
"cwe_ids": [
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-13T01:29:00Z",
"severity": "MODERATE"
},
"details": "wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as \"ROBOT.\"",
"id": "GHSA-97gp-82pc-qc6x",
"modified": "2025-04-20T03:49:53Z",
"published": "2022-05-13T01:37:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-13099"
},
{
"type": "WEB",
"url": "https://github.com/wolfSSL/wolfssl/pull/1229"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf"
},
{
"type": "WEB",
"url": "https://robotattack.org"
},
{
"type": "WEB",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/144389"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102174"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
cnvd-2018-00600
Vulnerability from cnvd
Title
wolfSSL信息泄露漏洞(CNVD-2018-00600)
Description
wolfSSL(前称CyaSSL)是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。
wolfSSL 3.12.2之前的版本中存在信息泄露漏洞。攻击者可利用该漏洞从wolfSSL应用程序中找回密钥。
Severity
中
VLAI Severity ?
Patch Name
wolfSSL信息泄露漏洞(CNVD-2018-00600)的补丁
Patch Description
wolfSSL(前称CyaSSL)是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。
wolfSSL 3.12.2之前的版本中存在信息泄露漏洞。攻击者可利用该漏洞从wolfSSL应用程序中找回密钥。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://github.com/wolfSSL/wolfssl/pull/1229
Reference
http://www.kb.cert.org/vuls/id/144389
Impacted products
| Name | wolfSSL wolfSSL <3.12.2 |
|---|
{
"bids": {
"bid": {
"bidNumber": "102174"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-13099"
}
},
"description": "wolfSSL\uff08\u524d\u79f0CyaSSL\uff09\u662f\u7f8e\u56fdwolfSSL\u516c\u53f8\u7684\u4e00\u4e2a\u9488\u5bf9\u5d4c\u5165\u5f0f\u7cfb\u7edf\u5f00\u53d1\u4eba\u5458\u4f7f\u7528\u7684\u5c0f\u7684\u3001\u53ef\u79fb\u690d\u7684\u5d4c\u5165\u5f0fSSL\u7f16\u7a0b\u5e93\u3002\r\n\r\nwolfSSL 3.12.2\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ecewolfSSL\u5e94\u7528\u7a0b\u5e8f\u4e2d\u627e\u56de\u5bc6\u94a5\u3002",
"discovererName": "Hanno Boeck, Juraj Somorovsky of Ruhr-Universit\u00c3\u00a4t Bochum / Hackmanit GmbH, and Craig Young of Tripwire VERT",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://github.com/wolfSSL/wolfssl/pull/1229",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2018-00600",
"openTime": "2018-01-09",
"patchDescription": "wolfSSL\uff08\u524d\u79f0CyaSSL\uff09\u662f\u7f8e\u56fdwolfSSL\u516c\u53f8\u7684\u4e00\u4e2a\u9488\u5bf9\u5d4c\u5165\u5f0f\u7cfb\u7edf\u5f00\u53d1\u4eba\u5458\u4f7f\u7528\u7684\u5c0f\u7684\u3001\u53ef\u79fb\u690d\u7684\u5d4c\u5165\u5f0fSSL\u7f16\u7a0b\u5e93\u3002\r\n\r\nwolfSSL 3.12.2\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u4ecewolfSSL\u5e94\u7528\u7a0b\u5e8f\u4e2d\u627e\u56de\u5bc6\u94a5\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "wolfSSL\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2018-00600\uff09\u7684\u8865\u4e01",
"products": {
"product": "wolfSSL wolfSSL \u003c3.12.2"
},
"referenceLink": "http://www.kb.cert.org/vuls/id/144389",
"serverity": "\u4e2d",
"submitTime": "2017-12-15",
"title": "wolfSSL\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2018-00600\uff09"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…