CVE-2018-5762

The TLS implementation in the TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 58.1 before 58.160, 59.1 before 059.1a.17 (IC #17), and 60.0 before 60.044 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
VendorProductVersion
unisysclearpath_mcp
58.1 ≤
𝑥
< 58.160
unisysclearpath_mcp
59.1 ≤
𝑥
< 059.1a.17
unisysclearpath_mcp
60.0 ≤
𝑥
< 60.044
𝑥
= Vulnerable software versions
References
https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=46
https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=46