5.9

CVE-2017-17382

EPSS 77.77%
Published 13.12.2017 16:29:00
Last modified 20.04.2025 01:37:25
Source cve@mitre.org
Teams watchlist Login
Open Login

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67.13, 11.0 before build 71.22, 11.1 before build 56.19, and 12.0 before build 53.22 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

Affected products Warnungen 0 Metrics 3 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Citrix ≫ Application Delivery Controller Firmware Version10.5

Citrix ≫ Application Delivery Controller Firmware Version11.0

Citrix ≫ Application Delivery Controller Firmware Version11.1

Citrix ≫ Application Delivery Controller Firmware Version12.0

Citrix ≫ Netscaler Gateway Firmware Version10.5

Citrix ≫ Netscaler Gateway Firmware Version11.0

Citrix ≫ Netscaler Gateway Firmware Version11.1

Citrix ≫ Netscaler Gateway Firmware Version12.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	77.77%	0.99

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

https://robotattack.org/

Third Party Advisory

https://www.kb.cert.org/vuls/id/144389

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/102173

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1039985

Third Party Advisory

VDB Entry

https://support.citrix.com/article/ctx230238

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-17382

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-17382

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-17382

EUVD