// For flags

CVE-2017-6168

 

Severity Score

7.4
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server's private key itself, aka a ROBOT attack.

En BIG-IP en las versiones desde la 11.6.0 hasta la 11.6.2 (solucionado en la versión 11.6.2 HF1), desde la 12.0.0 hasta la 12.1.2 HF1 (solucionado en la versión 12.1.2 HF2) o desde la 13.0.0 hasta la 13.0.0 HF2 (solucionado en la versión 13.0.0 HF3) un servidor virtual configurado con un perfil SSL de cliente puede ser vulnerable a un ataque adaptativo de texto cifrado escogido (también conocido como ataque Bleichenbacher) contra RSA. Cuando se explota este ataque, puede dar lugar a la recuperación de texto plano de mensajes cifrados y/o a un ataque Man-in-the-middle (MiTM), a pesar de que el atacante no haya obtenido acceso a la propia clave privada del servidor. Esto también se conoce como ataque ROBOT.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-02-21 CVE Reserved
  • 2017-11-17 CVE Published
  • 2023-05-08 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-203: Observable Discrepancy
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
F5
Search vendor "F5"
Big-ip Ltm
Search vendor "F5" for product "Big-ip Ltm"
>= 11.6.0 <= 11.6.2
Search vendor "F5" for product "Big-ip Ltm" and version " >= 11.6.0 <= 11.6.2"
-
Affected
F5
Search vendor "F5"
Big-ip Ltm
Search vendor "F5" for product "Big-ip Ltm"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Big-ip Ltm" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Big-ip Ltm
Search vendor "F5" for product "Big-ip Ltm"
13.0.0
Search vendor "F5" for product "Big-ip Ltm" and version "13.0.0"
-
Affected
F5
Search vendor "F5"
Big-ip Application Acceleration Manager
Search vendor "F5" for product "Big-ip Application Acceleration Manager"
>= 11.6.0 <= 11.6.2
Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 11.6.0 <= 11.6.2"
-
Affected
F5
Search vendor "F5"
Big-ip Application Acceleration Manager
Search vendor "F5" for product "Big-ip Application Acceleration Manager"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Big-ip Application Acceleration Manager
Search vendor "F5" for product "Big-ip Application Acceleration Manager"
13.0.0
Search vendor "F5" for product "Big-ip Application Acceleration Manager" and version "13.0.0"
-
Affected
F5
Search vendor "F5"
Big-ip Afm
Search vendor "F5" for product "Big-ip Afm"
>= 11.6.0 <= 11.6.2
Search vendor "F5" for product "Big-ip Afm" and version " >= 11.6.0 <= 11.6.2"
-
Affected
F5
Search vendor "F5"
Big-ip Afm
Search vendor "F5" for product "Big-ip Afm"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Big-ip Afm" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Big-ip Afm
Search vendor "F5" for product "Big-ip Afm"
13.0.0
Search vendor "F5" for product "Big-ip Afm" and version "13.0.0"
-
Affected
F5
Search vendor "F5"
Big-ip Analytics
Search vendor "F5" for product "Big-ip Analytics"
>= 11.6.0 <= 11.6.2
Search vendor "F5" for product "Big-ip Analytics" and version " >= 11.6.0 <= 11.6.2"
-
Affected
F5
Search vendor "F5"
Big-ip Analytics
Search vendor "F5" for product "Big-ip Analytics"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Big-ip Analytics" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Big-ip Analytics
Search vendor "F5" for product "Big-ip Analytics"
13.0.0
Search vendor "F5" for product "Big-ip Analytics" and version "13.0.0"
-
Affected
F5
Search vendor "F5"
Big-ip Apm
Search vendor "F5" for product "Big-ip Apm"
>= 11.6.0 <= 11.6.2
Search vendor "F5" for product "Big-ip Apm" and version " >= 11.6.0 <= 11.6.2"
-
Affected
F5
Search vendor "F5"
Big-ip Apm
Search vendor "F5" for product "Big-ip Apm"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Big-ip Apm" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Big-ip Apm
Search vendor "F5" for product "Big-ip Apm"
13.0.0
Search vendor "F5" for product "Big-ip Apm" and version "13.0.0"
-
Affected
F5
Search vendor "F5"
Big-ip Asm
Search vendor "F5" for product "Big-ip Asm"
>= 11.6.0 <= 11.6.2
Search vendor "F5" for product "Big-ip Asm" and version " >= 11.6.0 <= 11.6.2"
-
Affected
F5
Search vendor "F5"
Big-ip Asm
Search vendor "F5" for product "Big-ip Asm"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Big-ip Asm" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Big-ip Asm
Search vendor "F5" for product "Big-ip Asm"
13.0.0
Search vendor "F5" for product "Big-ip Asm" and version "13.0.0"
-
Affected
F5
Search vendor "F5"
Big-ip Link Controller
Search vendor "F5" for product "Big-ip Link Controller"
>= 11.6.0 <= 11.6.2
Search vendor "F5" for product "Big-ip Link Controller" and version " >= 11.6.0 <= 11.6.2"
-
Affected
F5
Search vendor "F5"
Big-ip Link Controller
Search vendor "F5" for product "Big-ip Link Controller"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Big-ip Link Controller" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Big-ip Link Controller
Search vendor "F5" for product "Big-ip Link Controller"
13.0.0
Search vendor "F5" for product "Big-ip Link Controller" and version "13.0.0"
-
Affected
F5
Search vendor "F5"
Big-ip Pem
Search vendor "F5" for product "Big-ip Pem"
>= 11.6.0 <= 11.6.2
Search vendor "F5" for product "Big-ip Pem" and version " >= 11.6.0 <= 11.6.2"
-
Affected
F5
Search vendor "F5"
Big-ip Pem
Search vendor "F5" for product "Big-ip Pem"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Big-ip Pem" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Big-ip Pem
Search vendor "F5" for product "Big-ip Pem"
13.0.0
Search vendor "F5" for product "Big-ip Pem" and version "13.0.0"
-
Affected
F5
Search vendor "F5"
Websafe
Search vendor "F5" for product "Websafe"
>= 12.0.0 <= 12.1.2
Search vendor "F5" for product "Websafe" and version " >= 12.0.0 <= 12.1.2"
-
Affected
F5
Search vendor "F5"
Websafe
Search vendor "F5" for product "Websafe"
11.6.2
Search vendor "F5" for product "Websafe" and version "11.6.2"
-
Affected
F5
Search vendor "F5"
Websafe
Search vendor "F5" for product "Websafe"
13.0.0
Search vendor "F5" for product "Websafe" and version "13.0.0"
-
Affected