Beware of the ROBOT

15/06/2018
Joeri Boonen
Senior System Engineer

ROBOT, the Return Of Bleichenbacher's Oracle Threat, is a vulnerability that affects TLS cipher suites that use RSA encryption. It allows an attacker to perform unauthorized operations with a server's private key, such as decrypting traffic. So what did we do?

In the past weeks, we have noticed this vulnerability in many IBM Domino and Traveler servers. Upgrading to Domino 9.0.1 FP10 and Traveler 9.0.1.21 provides the necessary mitigation.

But very recently, we have also seen it in Citrix NetScalers. Updates containing the required patches are available for these devices. To assess whether you are vulnerable to ROBOT, you can run a test with https://robotattack.org or this tool.
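As a complement to those tests, the following added example (not part of the original post) audits a cipher list in the format printed by `openssl ciphers -v` and reports the suites that use RSA encryption for key exchange, which are the ones ROBOT concerns. The sample list is constructed, and the function names are hypothetical; offering such a suite is only the precondition, so the tests above remain the way to confirm whether a server is actually vulnerable.

```python
import re

# Kx values in `openssl ciphers -v` output where the client encrypts the
# premaster secret with the server's RSA key (PKCS #1 v1.5 encryption).
RSA_ENCRYPTION_KX = {"RSA", "RSAPSK"}

# Constructed sample in the format printed by `openssl ciphers -v`.
SAMPLE = """\
TLS_AES_256_GCM_SHA384  TLSv1.3 Kx=any      Au=any  Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
AES256-GCM-SHA384       TLSv1.2 Kx=RSA      Au=RSA  Enc=AESGCM(256) Mac=AEAD
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
RSA-PSK-AES128-CBC-SHA  SSLv3 Kx=RSAPSK   Au=RSA  Enc=AES(128)  Mac=SHA1
"""


def parse_line(line):
    """Return (suite_name, kx) for one `openssl ciphers -v` line, or None."""
    fields = line.split()
    if not fields:
        return None
    attrs = dict(f.split("=", 1) for f in fields[1:] if "=" in f)
    if "Kx" not in attrs:
        return None
    return fields[0], attrs["Kx"]


def rsa_encryption_suites(text):
    """List suites whose key exchange is RSA encryption.

    Suites such as ECDHE-RSA use RSA only to sign (Au=RSA) and are not listed.
    """
    found = []
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed and parsed[1] in RSA_ENCRYPTION_KX:
            found.append(parsed[0])
    return found


def uses_rsa_encryption_iana(name):
    """Same classification for IANA suite names, as reported by scanners."""
    return re.match(r"TLS_RSA_(EXPORT_|PSK_)?WITH_", name) is not None


if __name__ == "__main__":
    for suite in rsa_encryption_suites(SAMPLE):
        print("RSA key exchange offered:", suite)
```

An empty result for a server's effective cipher list means no RSA-encryption key exchange is offered in that list.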

Also, Qualys SSL Labs will set the grade for your host to F if the ROBOT vulnerability is detected. Once again, this proves that frequent upgrading is essential to maintain the security of your infrastructure. Our clients with a managed services contract for security have already been patched. Will you be our next customer?
