search cancel

Cloud Proxy is flagged for Security Vulnerability on Isengard SSL port 5443

book

Article ID: 230019

calendar_today

Updated On:

Products

DX SaaS

Issue/Introduction

Security Scanning has flagged our Cloud Proxy deployments with the following vulnerability:

 

TLS ROBOT Vulnerability Detected

CVE-2017-6168, CVE-2017-17382, CVE-2017-17427, CVE-2017-17428, CVE-2017-12373, CVE-2017-13098, CVE-2017-1000385, CVE-2017-13099, CVE-2016-6883, CVE-2012-5081

The TLS vulnerability is also known as Return of Bleichenbacher's Oracle Threat (ROBOT). ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain conditions. To detect this the vulnerable ciphers should be disabled. 

Steps for disabling the vulnerable ciphers (https://qualys.secure.force.com/articles/How_To/000002963 )

An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack.

 

 

Environment

Release : SAAS

Component :

Cause

Engineering has identified the issue. 

Resolution

This issue has been addressed in the latest HF. Cloud Proxy 2.0 HF.