ROBOT or Return Of Bleichenbacher Oracle Threat, allows attackers to decrypt ciphertexts or sign messages with the server’s private key, decrypt previously recorded sessions. This attack only affects server that are using TLS RSA ciphers. When running a SSL/TLS scan for vulnerability against your NetCommunity site, it may show failed for “Bleichenbacher vuln“ or ROBOT.
Blackbaud is aware of the recently re-identified ROBOT vulnerability affecting RSA encryption in the TLS protocol which could permit the interception of confidential information and later be decrypted. While this is not unique to Blackbaud, your security is always our priority, and we have taken additional measures within our own control to help mitigate any threats. As of April 2018, the ROBOT vulnerability has been addressed in our hosted environment. If you continue to see the issue listed on your scan, please chat with Support and reference this article. As a security best-practice, we recommend that you continue to operate from the most up-to-date version of your browser. We also encourage you to talk to all of your IT-related providers to ensure they too are taking the necessary measures to protect your information.