Cisco Information for VU#144389

TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Cisco ACE is affected, and assigned CVE-2017-17428

Cisco ASA is affected and assigned CVE-2017-12373
Please see Cisco's security advisory for full vendor statement.

Vendor References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.