CVE-2017-6168

Severity Score

7.4

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.

En BIG-IP en las versiones desde la 11.6.0 hasta la 11.6.2 (solucionado en la versión 11.6.2 HF1), desde la 12.0.0 hasta la 12.1.2 HF1 (solucionado en la versión 12.1.2 HF2) o desde la 13.0.0 hasta la 13.0.0 HF2 (solucionado en la versión 13.0.0 HF3) un servidor virtual configurado con un perfil SSL de cliente puede ser vulnerable a un ataque adaptativo de texto cifrado escogido (también conocido como ataque Bleichenbacher) contra RSA. Cuando se explota este ataque, puede dar lugar a la recuperación de texto plano de mensajes cifrados y/o a un ataque Man-in-the-middle (MiTM), a pesar de que el atacante no haya obtenido acceso a la propia clave privada del servidor. Esto también se conoce como ataque ROBOT.

*Credits: N/A

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-02-21 CVE Reserved
2017-11-17 CVE Published
2023-05-08 EPSS Updated
2024-08-05 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-203: Observable Discrepancy

CAPEC

References (5)

URL	Tag	Source
http://www.securityfocus.com/bid/101901	Third Party Advisory
http://www.securitytracker.com/id/1039839	Third Party Advisory
https://robotattack.org	Technical Description
https://www.kb.cert.org/vuls/id/144389	Third Party Advisory

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://support.f5.com/csp/article/K21905460	2021-09-23

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
F5 Search vendor "F5"		Big-ip Ltm Search vendor "F5" for product "Big-ip Ltm"				>= 11.6.0 <= 11.6.2 Search vendor "F5" for product "Big-ip Ltm" and version " >= 11.6.0 <= 11.6.2"		-		Affected
F5 Search vendor "F5"		Big-ip Ltm Search vendor "F5" for product "Big-ip Ltm"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Big-ip Ltm" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Ltm Search vendor "F5" for product "Big-ip Ltm"				13.0.0 Search vendor "F5" for product "Big-ip Ltm" and version "13.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 11.6.0 <= 11.6.2 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 11.6.0 <= 11.6.2"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Application Acceleration Manager Search vendor "F5" for product "Big-ip Application Acceleration Manager"				13.0.0 Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version "13.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Afm Search vendor "F5" for product "Big-ip Afm"				>= 11.6.0 <= 11.6.2 Search vendor "F5" for product "Big-ip Afm" and version " >= 11.6.0 <= 11.6.2"		-		Affected
F5 Search vendor "F5"		Big-ip Afm Search vendor "F5" for product "Big-ip Afm"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Big-ip Afm" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Afm Search vendor "F5" for product "Big-ip Afm"				13.0.0 Search vendor "F5" for product "Big-ip Afm" and version "13.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 11.6.0 <= 11.6.2 Search vendor "F5" for product "Big-ip Analytics" and version " >= 11.6.0 <= 11.6.2"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Big-ip Analytics" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Analytics Search vendor "F5" for product "Big-ip Analytics"				13.0.0 Search vendor "F5" for product "Big-ip Analytics" and version "13.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Apm Search vendor "F5" for product "Big-ip Apm"				>= 11.6.0 <= 11.6.2 Search vendor "F5" for product "Big-ip Apm" and version " >= 11.6.0 <= 11.6.2"		-		Affected
F5 Search vendor "F5"		Big-ip Apm Search vendor "F5" for product "Big-ip Apm"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Big-ip Apm" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Apm Search vendor "F5" for product "Big-ip Apm"				13.0.0 Search vendor "F5" for product "Big-ip Apm" and version "13.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Asm Search vendor "F5" for product "Big-ip Asm"				>= 11.6.0 <= 11.6.2 Search vendor "F5" for product "Big-ip Asm" and version " >= 11.6.0 <= 11.6.2"		-		Affected
F5 Search vendor "F5"		Big-ip Asm Search vendor "F5" for product "Big-ip Asm"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Big-ip Asm" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Asm Search vendor "F5" for product "Big-ip Asm"				13.0.0 Search vendor "F5" for product "Big-ip Asm" and version "13.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 11.6.0 <= 11.6.2 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 11.6.0 <= 11.6.2"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Big-ip Link Controller" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Link Controller Search vendor "F5" for product "Big-ip Link Controller"				13.0.0 Search vendor "F5" for product "Big-ip Link Controller" and version "13.0.0"		-		Affected
F5 Search vendor "F5"		Big-ip Pem Search vendor "F5" for product "Big-ip Pem"				>= 11.6.0 <= 11.6.2 Search vendor "F5" for product "Big-ip Pem" and version " >= 11.6.0 <= 11.6.2"		-		Affected
F5 Search vendor "F5"		Big-ip Pem Search vendor "F5" for product "Big-ip Pem"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Big-ip Pem" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Big-ip Pem Search vendor "F5" for product "Big-ip Pem"				13.0.0 Search vendor "F5" for product "Big-ip Pem" and version "13.0.0"		-		Affected
F5 Search vendor "F5"		Websafe Search vendor "F5" for product "Websafe"				>= 12.0.0 <= 12.1.2 Search vendor "F5" for product "Websafe" and version " >= 12.0.0 <= 12.1.2"		-		Affected
F5 Search vendor "F5"		Websafe Search vendor "F5" for product "Websafe"				11.6.2 Search vendor "F5" for product "Websafe" and version "11.6.2"		-		Affected
F5 Search vendor "F5"		Websafe Search vendor "F5" for product "Websafe"				13.0.0 Search vendor "F5" for product "Websafe" and version "13.0.0"		-		Affected