Описание
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
Ссылки
- Third Party Advisory
- Issue TrackingMitigationThird Party AdvisoryUS Government Resource
- Issue TrackingMitigationThird Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingThird Party Advisory
- Third Party Advisory
- Issue TrackingMitigationThird Party AdvisoryUS Government Resource
- Issue TrackingMitigationThird Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
7.5 High
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle ...
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."
EPSS
7.5 High
CVSS3
5.9 Medium
CVSS3
4.3 Medium
CVSS2