What is the severity of CVE-2017-15533?

CVE-2017-15533 has a critical severity due to its potential for exploitation via the ROBOT attack.

How do I fix CVE-2017-15533?

To mitigate CVE-2017-15533, upgrade your Symantec SSL Visibility Appliance to version 3.10.4.1 or 3.12.2.1 and later.

Which versions are affected by CVE-2017-15533?

CVE-2017-15533 affects Symantec SSL Visibility versions 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1.

What is the ROBOT attack referenced in CVE-2017-15533?

The ROBOT attack exploits certain cryptographic weaknesses in SSL/TLS implementations by using weak oracles.

How can I determine if my system is vulnerable to CVE-2017-15533?

To check for vulnerability to CVE-2017-15533, verify the version of your Symantec SSL Visibility Appliance against the affected version list.

Vulnerability/
CVE-2017-15533

medium

5.9

CWE

203

17/5/2018

16/9/2024

CVE-2017-15533

First published: Thu May 17 2018(Updated: )

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1 are vulnerable to the Return of the Bleichenbacher Oracle Threat (ROBOT) attack. All affected SSLV versions act as weak oracles according the oracle classification used in the ROBOT research paper. A remote attacker, who has captured a pre-recorded SSL session inspected by SSLV, can establish multiple millions of crafted SSL connections to the target and obtain the session keys required to decrypt the pre-recorded SSL session.

Credit: secure@symantec.com

Affected Software	Affected Version	How to fix
Broadcom SSL Visibility Appliance	=3.8.4fc
Broadcom SSL Visibility Appliance	=3.10
Broadcom SSL Visibility Appliance	=3.11
Broadcom SSL Visibility Appliance	=3.12

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-15533?
CVE-2017-15533 has a critical severity due to its potential for exploitation via the ROBOT attack.
How do I fix CVE-2017-15533?
To mitigate CVE-2017-15533, upgrade your Symantec SSL Visibility Appliance to version 3.10.4.1 or 3.12.2.1 and later.
Which versions are affected by CVE-2017-15533?
CVE-2017-15533 affects Symantec SSL Visibility versions 3.8.4FC, 3.10 prior to 3.10.4.1, 3.11, and 3.12 prior to 3.12.2.1.
What is the ROBOT attack referenced in CVE-2017-15533?
The ROBOT attack exploits certain cryptographic weaknesses in SSL/TLS implementations by using weak oracles.
How can I determine if my system is vulnerable to CVE-2017-15533?
To check for vulnerability to CVE-2017-15533, verify the version of your Symantec SSL Visibility Appliance against the affected version list.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/author
agent/event
agent/description
agent/first-publish-date
agent/trending
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/broadcom
canonical/broadcom ssl visibility appliance
version/broadcom ssl visibility appliance/3.8.4fc
version/broadcom ssl visibility appliance/3.10
version/broadcom ssl visibility appliance/3.11
version/broadcom ssl visibility appliance/3.12

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.