CVE-2017-17841
published 2018-01-10CVE-2017-17841: Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or…
PriorityP432medium5.9CVSS 3.0
AVNACHPRNUINSUCHINAN
EPSS
2.41%
82.0th percentile
Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
Affected
25 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paloalto | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
CVSS provenance
nvdv3.05.9MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
ROBOT attack against PAN-OS
vendor_paloalto·2018-01-02·CVSS 5.9
CVE-2017-17841 [MEDIUM] ROBOT attack against PAN-OS
ROBOT attack against PAN-OS
ROBOT is an attack that affects the TLS RSA key exchange and could lead to decryption of captured sessions if the TLS server originally serving said captured session is still alive, vulnerable and using the same private key. (PAN-89936 / CVE-2017-17841)
While SSL Decryption and GlobalProtect are susceptible to this issue, PAN-OS can be protected with use of content update 757, and further mitigated through the configuration changes described below under "Workarounds and Mitigations".
This issue affects PAN-OS 6.1.19 and earlier, PAN-OS 7.1.14 and earlier, PAN-OS 8.0.6-h3 and earlier
Affected products: PAN-OS
Solution: This issue is fixed in PAN-OS 6.1.20, PAN-OS 7.1.15, PAN-OS 8.0.7, and all later PAN-OS versions.
Workaround: Customers running PAN-OS 7.1 or
GHSA
GHSA-f3c4-7m99-h392: Palo Alto Networks PAN-OS 6
ghsa_unreviewed·2022-05-13
CVE-2017-17841 [MEDIUM] GHSA-f3c4-7m99-h392: Palo Alto Networks PAN-OS 6
Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-01-10
Published