Following a penetration test executed against CA Identity Manager (Symantec IGA), the "RETURN OF BLEICHENBACHER'S ORACLE THREAT (ROBOT) INFORMATION DISCLOSURE" vulnerability was flagged.
Release : 14.2
Component : IdentityMinder(Identity Manager)
RETURN OF BLEICHENBACHER'S ORACLE THREAT (ROBOT) INFORMATION DISCLOSURE
This only affects TLS cipher modes that use RSA encryption. Most modern TLS connections use an Elliptic Curve Diffie-Hellman key exchange and need RSA only for signatures. See the following article for more information.
The recommended mitigation is to disable RSA encryption, specifically all ciphers that start with TLS_RSA. This does not include the ciphers that use RSA signatures and include DHE or ECDHE in their name; these ciphers are not affected by the attack.
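The following added example (not taken from the product documentation) splits a configured cipher list into suites to keep and suites to disable, based on the key-exchange part of each name. The comma-separated input format, the function names and the sample list are assumptions made for illustration; the check also goes slightly beyond the text by catching the legacy `SSL_RSA_` spelling that older Java runtimes use for the same suites.

```python
import re

# Key exchange is whatever sits between the TLS_/SSL_ prefix and _WITH_.
_KX = re.compile(r"^(?:TLS|SSL)_(?P<kx>[A-Z0-9_]+?)_WITH_")


def uses_rsa_encryption(suite: str) -> bool:
    """Return True when the suite name indicates an RSA-encryption key exchange."""
    m = _KX.match(suite.strip().upper())
    if m is None:
        # TLS 1.3 names (e.g. TLS_AES_128_GCM_SHA256) carry no key-exchange
        # field and never use RSA encryption.
        return False
    kx = m.group("kx")
    # RSA, RSA_EXPORT, RSA_PSK: the client RSA-encrypts the premaster secret.
    # DHE_RSA / ECDHE_RSA: RSA only signs, so kx starts with DHE or ECDHE.
    return kx == "RSA" or kx.startswith("RSA_")


def split_cipher_list(configured: str):
    """Split a comma-separated cipher list into (kept, removed), order preserved."""
    kept, removed = [], []
    for name in (part.strip() for part in configured.split(",")):
        if not name:
            continue  # tolerate trailing commas and blank entries
        (removed if uses_rsa_encryption(name) else kept).append(name)
    return kept, removed


# Constructed sample list, not read from any real server configuration.
SAMPLE = ",".join([
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_256_GCM_SHA384",
])

if __name__ == "__main__":
    kept, removed = split_cipher_list(SAMPLE)
    print("disable:", *removed, sep="\n  ")
    print("keep:", *kept, sep="\n  ")
```
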
For information on securing TLS please refer to the product documentation.