CVE-2017-12373 - AskarLabs CVE Database

CVE-2017-12373

Vendor N/A

Product Cisco legacy ASA 5500 products TLS protocol implementation

Weakness CWE-200 · Info exposure

Published December 15, 2017

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in the TLS protocol implementation of legacy Cisco ASA 5500 Series (ASA 5505, 5510, 5520, 5540, and 5550) devices could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack implementation to perform cryptanalytic operations that may allow decryption of previously captured TLS sessions. Cisco Bug IDs: CSCvg97652.

Key dates

02Disclosure timeline

December 15, 2017 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-12373

Related vulnerabilities

04Related CVE

CVE-2025-20345 Cisco Duo Authentication Proxy Information Disclosure Vulnerability CVE-2024-55875 http4k has a potential XXE (XML External Entity Injection) vulnerability CVE-2024-34005 moodle: authenticated LFI risk in some misconfigured shared hosting environments via modified mod_data backup CVE-2026-2295 WPZOOM Addons for Elementor – Starter Templates & Widgets <= 1.3.2 - Unauthenticated Protected Post Exposure via ajax_post_grid_load_more CVE-2021-3800