Return Of Bleichenbachers Oracle Threat ROBOT Information Disclosure CVE-ID-CVE-2017-6168

Back to discussions

Expand all | Collapse all

Return Of Bleichenbachers Oracle Threat ROBOT Information Disclosure CVE-ID-CVE-2017-6168

Jump to Best Answer

1. Return Of Bleichenbachers Oracle Threat ROBOT Information Disclosure CVE-ID-CVE-2017-6168

0 Recommend
Anon Anon
Posted Aug 07, 2018 03:35 AM

Reply Reply Privately
Hi,

I have revised the vulnerability, i found Return Of Bleichenbacher's Oracle Threat (ROBOT) Information Disclosure ( CVE ID:CVE-2017-6168 ) vulnerability.

i have gone through vulnerability solution, they mentioned For ROBOT attack we are affected to this issue and we have work around of disabling the RSA ciphers in the SSL profile.

Please help us how disable the RSA cipher in the SSL update.

Model is : ADX 1008-1-PREM

Regards,

Viru

Admin edited subject line removing bad characters

#TheWaterCooler
2. Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29
Best Answer

0 Recommend
Antonio Bongiorno
Posted Aug 07, 2018 04:47 AM

Reply Reply Privately
@viru

ADX platforms are end of life / end of service and not longer supported by brocade.

#TheWaterCooler
3. Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29

0 Recommend
Deactivated User
Posted Aug 07, 2018 04:54 AM

Reply Reply Privately
Hi Antonio,

Thanks for the update.

Yes device is EOL/EOS but we got this vulnerability. We need to disable the cipher key is SSL. can u please guide us how to disable it.

Regards,
Viru

#TheWaterCooler
4. Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29

1 Recommend
Antonio Bongiorno
Posted Aug 07, 2018 08:11 AM

Reply Reply Privately
@Deactivated User @viru

not that I should know, bt there is not workaround.

such defect are affected to Firmware/Microcode Upgrade, however since the ADX are no longer supported there is new Firmware available that Fixed the Defect.

Latest Release is 12.5.0.2p from August 1, 2017, and I don't know if this release contained a Patch.

hope that help.

#TheWaterCooler

The Water Cooler

Return Of Bleichenbachers Oracle Threat ROBOT Information Disclosure CVE-ID-CVE-2017-6168

Anon AnonAug 07, 2018 03:35 AM

Antonio BongiornoAug 07, 2018 04:47 AMBest Answer

Deactivated UserAug 07, 2018 04:54 AM

Antonio BongiornoAug 07, 2018 08:11 AM

1. Return Of Bleichenbachers Oracle Threat ROBOT Information Disclosure CVE-ID-CVE-2017-6168

2. Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29 Best Answer

3. Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29

4. Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29

2. Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29
Best Answer