CVE-2017-17841

Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
paloaltonetworkspan-os
6.1.0
paloaltonetworkspan-os
7.1.0
paloaltonetworkspan-os
7.1.1
paloaltonetworkspan-os
7.1.2
paloaltonetworkspan-os
7.1.3
paloaltonetworkspan-os
7.1.4
paloaltonetworkspan-os
7.1.4-h2
paloaltonetworkspan-os
7.1.5
paloaltonetworkspan-os
7.1.6
paloaltonetworkspan-os
7.1.7
paloaltonetworkspan-os
7.1.8
paloaltonetworkspan-os
7.1.9
paloaltonetworkspan-os
7.1.10
paloaltonetworkspan-os
7.1.11
paloaltonetworkspan-os
7.1.12
paloaltonetworkspan-os
7.1.13
paloaltonetworkspan-os
7.1.14
paloaltonetworkspan-os
8.0.0
paloaltonetworkspan-os
8.0.1
paloaltonetworkspan-os
8.0.2
paloaltonetworkspan-os
8.0.3
paloaltonetworkspan-os
8.0.4
paloaltonetworkspan-os
8.0.5
paloaltonetworkspan-os
8.0.6
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/102458
http://www.securitytracker.com/id/1040149
https://security.paloaltonetworks.com/CVE-2017-17841
http://www.securityfocus.com/bid/102458
http://www.securitytracker.com/id/1040149
https://security.paloaltonetworks.com/CVE-2017-17841