F5 Networks, Inc. Information for VU#144389

TLS implementations may disclose side channel information via discrepencies between valid and invalid PKCS#1 padding

Status

Affected

Vendor Statement

F5 Networks made a public announcement of this issue today as CVE-2017-6168 – please see https://support.f5.com/csp/article/K21905460

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://support.f5.com/csp/article/K21905460

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.