Security Scanning has flagged our Cloud Proxy deployments with the following vulnerability:
TLS ROBOT Vulnerability Detected
CVE-2017-6168, CVE-2017-17382, CVE-2017-17427, CVE-2017-17428, CVE-2017-12373, CVE-2017-13098, CVE-2017-1000385, CVE-2017-13099, CVE-2016-6883, CVE-2012-5081
The TLS vulnerability is also known as Return of Bleichenbacher's Oracle Threat (ROBOT). ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain conditions. To address this finding, the vulnerable ciphers should be disabled.
Steps for disabling the vulnerable ciphers: https://qualys.secure.force.com/articles/How_To/000002963
An attacker could exploit this vulnerability by sending crafted TLS messages to the device, which would act as an oracle and allow the attacker to carry out a chosen-ciphertext attack.
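To confirm the cipher change on your own deployment, the following added example (not part of the original article or the product) separates the RSA key-exchange suites from a scanner's accepted-suite list and can probe an endpoint you operate. The function names and the sample list are constructed for illustration; suite names are assumed to be in IANA form.

```python
import socket
import ssl

# IANA name prefixes whose key exchange is RSA encryption: the client
# encrypts the premaster secret to the server's RSA key, which is the
# operation a Bleichenbacher-style oracle abuses.
RSA_KX_PREFIXES = ("TLS_RSA_WITH_", "TLS_RSA_EXPORT_WITH_", "TLS_RSA_PSK_WITH_")

# Constructed sample: suites a scanner reported as accepted by one endpoint.
SAMPLE_ACCEPTED = [
    "TLS_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
]


def uses_rsa_key_exchange(iana_name):
    """True for RSA-encryption suites; ECDHE_RSA/DHE_RSA only sign with RSA."""
    return iana_name.upper().startswith(RSA_KX_PREFIXES)


def audit_suites(accepted):
    """Split accepted suites into (to_disable, to_keep), preserving order."""
    to_disable = [s for s in accepted if uses_rsa_key_exchange(s)]
    to_keep = [s for s in accepted if not uses_rsa_key_exchange(s)]
    return to_disable, to_keep


def server_accepts_rsa_kx(host, port=443, timeout=5.0):
    """Offer only RSA key-exchange suites; True if the handshake completes."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False   # checking suite acceptance, not identity
    ctx.verify_mode = ssl.CERT_NONE
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2  # TLS 1.3 has no RSA key exchange
    ctx.set_ciphers("kRSA")      # OpenSSL selector for RSA key-exchange suites
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True
    except (ssl.SSLError, ConnectionResetError):
        return False             # handshake refused: no RSA key exchange accepted
```

After the ciphers are disabled, `server_accepts_rsa_kx` should return `False` for the endpoint while normal ECDHE connections continue to work.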
Release: SAAS
Engineering has identified the issue.
This issue has been addressed in the latest HF: Cloud Proxy 2.0 HF.