For more details, please see ourCookie Policy.


Info & Feedback

Reply
Highlighted
New Member
Posts: 1
Registered: ‎08-07-2018
Accepted Solution

Return Of Bleichenbachers Oracle Threat ROBOT Information Disclosure CVE-ID-CVE-2017-6168

[ Edited ]

Hi,

 

I have revised the vulnerability, i found Return Of Bleichenbacher's Oracle Threat (ROBOT) Information Disclosure ( CVE ID:CVE-2017-6168 ) vulnerability.

 

i have gone through vulnerability solution, they mentioned For ROBOT attack we are affected to this issue and we have work around of disabling the RSA ciphers in the SSL profile.

 

Please help us how disable the RSA cipher in the SSL update.

 

Model is : ADX 1008-1-PREM

 

 

 

Regards,

Viru

 

Admin edited subject line removing bad characters 

External Moderator
Posts: 5,547
Registered: ‎02-23-2004

Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29

@viru

 

ADX platforms are end of life / end of service and not longer supported by brocade.

TechHelp24
New Member
Posts: 1
Registered: ‎08-07-2018

Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29

Hi Antonio,

 

Thanks for the update.

 

Yes device is EOL/EOS but we got this vulnerability. We need to disable the cipher key is SSL. can u please guide us how to disable it.

 

 

Regards,

Viru

External Moderator
Posts: 5,547
Registered: ‎02-23-2004

Re: Return Of Bleichenbacher%27s Oracle Threat %28ROBOT%29 Information Disclosure %28 CVE ID%3ACVE-2017-6168 %29

@Viru1 @viru

 

not that I should know, bt there is not workaround.

 

such defect are affected to Firmware/Microcode Upgrade, however since the ADX are no longer supported there is new Firmware available that Fixed the Defect.

 

Latest Release is 12.5.0.2p from August 1, 2017, and I don't know if this release contained a Patch.

 

hope that help.

TechHelp24

Join the Broadcom Community

Get quick and easy access to valuable resources across the Broadcom Community Network.