ROBOT Vulnerability

Use this Forum to post your “How to …” questions about your use of aXes. This is not a technical support forum. Both the aXes Support Team at LANSA and other aXes customers may answer your questions. LANSA cannot guarantee the accuracy of any information posted by customers.

Moderator: jeanmichel

Post Reply
jaimosky
Posts: 11
Joined: 30 May 2017, 16:48

ROBOT Vulnerability

Post by jaimosky » 10 Jan 2018, 22:38

Hi,

I know it is out of scope, but anyone knows how to solve the vulnerability ROBOT?
Anybody had done this before?

Thanks a lot.
Jaime

jaimosky
Posts: 11
Joined: 30 May 2017, 16:48

Re: ROBOT Vulnerability

Post by jaimosky » 12 Jan 2018, 20:12

I have just read this paper in internet.

http://www-01.ibm.com/support/docview.w ... as2MA46852

The only way to do that is to disable the RSA key exchange cipher suites.

User avatar
jeanmichel
Posts: 75
Joined: 23 May 2014, 11:37
Location: Sydney

Re: ROBOT Vulnerability

Post by jeanmichel » 15 Jan 2018, 09:38

Hi,

Yes it appears that this type of attacks targets TLS-RSA or RSA ciphers and the only way to prevent this is to disable these ciphers in the QSSLCSL system value.
Regards,

Jean-Michel Rapin

LANSA Pty Ltd
email: JeanMichel.Rapin@lansa.com.au
Address: 122 Arthur Street, North Sydney, NSW 2060, Australia
Tel: +61 289 070 262 http://www.lansa.com | http://blog.lansa.com |

Post Reply