[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ESA-2016-094: RSA BSAFE Micro Edition Suite Multiple Vulnerabilities



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

ESA-2016-094: RSA BSAFE® Micro Edition Suite Multiple Vulnerabilities

EMC Identifier:  ESA-2016-094

CVE Identifier:  CVE-2016-0923, CVE-2016-0924
 
Affected Products:
?	RSA BSAFE Micro Edition Suite (MES) all 4.1.x versions prior to 4.1.5
?	RSA BSAFE Micro Edition Suite (MES) all 4.0.x versions prior to 4.0.9
 
Unaffected Products:
?	RSA BSAFE Micro Edition Suite (MES) 4.1.5
?	RSA BSAFE Micro Edition Suite (MES) 4.0.9
?	RSA BSAFE SSL-C all versions
 
Summary:
RSA announces security fixes to RSA BSAFE Micro Edition Suite designed to address Security Losses from Obsolete and Truncated Transcript Hashes (SLOTH) attack on TLS 1.2.
 
Details:
?	Incorrectly ordered signature algorithm list vulnerability - CVE-2016-0923
A client application using BSAFE MES will send the signature algorithms list in ascending order of strength. If the server selects the first signature algorithm from the list, the connection might be compromised because of the negotiation of weak algorithms.
CVSS v3 Base Score: 4.8 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

?	SLOTH Vulnerability - CVE-2016-0924
For TLS 1.2 capable toolkits an attack is carried out by forcing a hash-construction downgrade to MD5 thus reducing expected security during a TLS connection. This class of attack is called ?transcript collision?. The attack relies on the use of an obsolete hash construction such as MD5 in TLS 1.2. (Similar to CVE-2015-7575).
CVSS v3 Base Score: 5.9 (AV:N/AC:H/PR:N/UI:N/S:U//C:H/I:N/A:N)
 
Recommendation:
?	RSA BSAFE Micro Edition Suite (MES) 4.1.5
?	RSA BSAFE Micro Edition Suite (MES) 4.0.9

RSA recommends affected customers upgrade to the versions listed above at the earliest opportunity.

The following workaround is available for CVE-2016-0924:
One option is to operate in FIPS 140 mode. Note that this means using FIP140 mode instead of FIPS 140 SSL mode. RSA-MD5 is not available in FIPS mode.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJYiiGiAAoJEHbcu+fsE81ZXVAH/jDEmF6LIEr28VN/4Mmtkkt0
4pWtwc2v+WB66cDY/Mtyxhs/ZafMWbbElCSb5yVORNfqaoiFK1YnD3rqJqkAYcIb
3RAHhHSSW4Y+Ojh9HOEEADQdVg1V4TA8UCbDJgfZ1pJaAUsVEqP//hR2oK/Uvu4y
9y4hN9jbb5sMUTes4pP+7v3p9lbFe3jzRQCjEJySjLFn7cCevzyxEaDMylLKuwV9
UtDudb1ujkA2TVDwefBEQF1hUMI2PSdO1HEHRti7xCH4aOEg9XQoqTlbtJfhMweb
oYqOiHczIJF0TY6RFT+z9lrWvOeZlzlRn1WN9W+m28DpFhHodVAPNQwtOVaW8Vg=
=Oi4J
-----END PGP SIGNATURE-----