QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-12373

Back to search

CVE-2017-12373

Published: Dec 15, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652.

VendorProductVersions

n/a

Cisco legacy ASA 5500 products TLS protocol implementation

affected
Cisco legacy ASA 5500 products TLS protocol implementation

Weaknesses (CWE)

CWE-200

References

102170
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now