CVE-2017-17428 - OpenCVE

Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:C/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Adaptive Security Appliance 5540 Firmware Ace 4710 Application Control Engine Adaptive Security Appliance 5505 Adaptive Security Appliance 5540 Adaptive Security Appliance 5550 Firmware Ace30 Application Control Engine Module Firmware Ace4710 Application Control Engine Firmware Adaptive Security Appliance 5520 Firmware Adaptive Security Appliance 5550 Adaptive Security Appliance 5505 Firmware Ace30 Application Control Engine Module Adaptive Security Appliance 5510 Adaptive Security Appliance 5510 Firmware Webex Meetings Webex Conect Im Adaptive Security Appliance 5520
Cavium	Nitrox Ssl Sdk Turbossl Sdk Octeon Sdk Nitrox V Ssl Sdk Octeon Ssl Sdk

Configuration 1 [-]

OR	cpe:2.3:a:cavium:nitrox_ssl_sdk::::::::
	cpe:2.3:a:cavium:nitrox_v_ssl_sdk::::::::
	cpe:2.3:a:cavium:octeon_sdk::::::::
	cpe:2.3:a:cavium:octeon_ssl_sdk::::::::
	cpe:2.3:a:cavium:turbossl_sdk::::::::

Configuration 2 [-]

OR	cpe:2.3:a:cisco:webex_conect_im:7.24.1:::::::*
	cpe:2.3:a:cisco:webex_meetings:t31:::::::*
	cpe:2.3:a:cisco:webex_meetings:t32:::::::*

Configuration 3 [-]

AND

OR	cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(2.0\):::::::*
	cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(3.0\):::::::*
	cpe:2.3:o:cisco:ace4710_application_control_engine_firmware:3.0\(0\)a5\(3.5\):::::::*

cpe:2.3:h:cisco:ace_4710_application_control_engine:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(2.0\):::::::*
	cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(3.0\):::::::*
	cpe:2.3:o:cisco:ace30_application_control_engine_module_firmware:3.0\(0\)a5\(3.5\):::::::*

cpe:2.3:h:cisco:ace30_application_control_engine_module:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:cisco:adaptive_security_appliance_5520_firmware:9.1\(7.16\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance_5520:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:cisco:adaptive_security_appliance_5540_firmware:9.1\(7.16\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance_5540:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:cisco:adaptive_security_appliance_5550_firmware:9.1\(7.16\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance_5550:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:cisco:adaptive_security_appliance_5510_firmware:9.1\(7.16\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance_5510:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:cisco:adaptive_security_appliance_5505_firmware:9.1\(7.16\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance_5505:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/102170	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039984	Third Party Advisory VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher	Third Party Advisory
https://www.cavium.com/security-advisory-cve-2017-17428.html	Vendor Advisory
https://www.kb.cert.org/vuls/id/144389	Third Party Advisory US Government Resource