ROBOT (Return of Bleichenbacher’s Oracle Threat) is the reappearance of a vulnerability in SSL/TLS that appeared first in 1998. This article explains, how you can prevent SSL ROBOT.

Security Assessment

Security Assessment Prevent SSL Robot

CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

ROBOT (Return of Bleichenbacher’s Oracle Threat) is the reappearance of a vulnerability in SSL/TLS that appeared first in 1998. Certain implementations of cypher suites using the RSA algorithm allow an attacker to fully break the confidentiality of the encryption.

Guides

To prevent ROBOT make sure that your SSL/TLS server is up-to-date. Try to not use RSA cypher suites that may be affected by the vulnerability. To disable these cypher suites, refer to Secure TLS Configuration