OpenSSL vulnerability

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2015-002 CVE-2015-0286 03/19/2015 medium v1

Vulnerability details

Several vulnerabilities have been disclosed in OpenSSL library.
Reported vulnerabilities:

  • CVE-2015-0291; CVE-2015-0204; CVE-2015-0290; CVE-2015-0207; CVE-2015-0286; CVE-2015-0208; CVE-2015-0287; CVE-2015-0289; CVE-2015-0292; CVE-2015-0293; CVE-2015-1787; CVE-2015-0285; CVE-2015-0209; CVE-2015-0288

Note that none of our products are impacted by critical vulnerabilities.

A current investigation reports that our products are impacted by the following vulnerability:

  • CVE-2015-0286: this vulnerability could cause a crash while performing certificate verification. It could be exploited to conduct denial of service attacks.

Impacted products

ProductsSeverityDetail
Stormshield Network Security medium The product embeds a vulnerable version of OpenSSL.
Stormshield Endpoint Security medium The product embeds a vulnerable version of OpenSSL.
Fast360 low The product embeds a vulnerable version of OpenSSL.
Netasq medium The product embeds a vulnerable version of OpenSSL.

Revisions

Version Date Description
v1  03/20/2015 Initial release


Stormshield Network Security

CVSS v2 Overall Score: 4.3      

Analysis

Impacted version

Stormshield Network Security (SNS) products embed a vulnerable version of the OpenSSL library, used by the proxy, vpn server and authentication portal. The CVE-2015-0286 vulnerability could allow a denial of service attack on these services, that crash and restart (services automatically restart on abnormal termination).
  • SNS 1.0.0 to 1.2.2

Workaround solution

Solution

There is no workaround solution.

The 1.3.0 update will fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None None None Partial
CVSS Base score: 5 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 3.7 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 4.3 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)


Stormshield Endpoint Security

CVSS v2 Overall Score: 4.3      

Analysis

Impacted version

The Stormshield Endpoint Security (SES) server can be reached through a TLS-enabled channel. This channel authenticates the client connecting to the server with a certificate. In this context, the CVE-2015-0286 vulnerability could allow an attacker to crash the SES server when connecting to the server with a specially-crafted certificate. A built-in mechanism automatically restarts the SES server process when an abnormal termination occurred. The SES agents still apply the last known security policy. Pending logs are kept on the agent until the server is available.
  • SES 6.0.17
  • SES 7.1.04

Workaround solution

Solution

There is no workaround solution.

6.0.18 and 7.1.05 updates are correcting this vulnerability are available since April 24th 2015.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None None None Partial
CVSS Base score: 5 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 3.7 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 4.3 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)


Fast360

CVSS v2 Overall Score: 3.2      

Analysis

Impacted version

Arkoon Fast360 products embed a vulnerable version of the OpenSSL library and serve its administration service through a TLS-enabled channel. This channel authenticates the client connecting to the server with certificates. Thus, the CVE-2015-0286 vulnerability could allow a denial of service attack on the administration service of Arkoon Fast360 products. Nevertheless, a built-in mechanism automatically restarts this service when an abnormal termination occurs. Arkoon Fast360 products still apply their last known configuration. The attack must be performed from the Administration Network.
  • Arkoon Fast360 5.0/1 to 5.0/32
  • Arkoon Fast360 6.0/1 to 6.0/6

Workaround solution

Solution

Ensure the Administration Network (“Admin from”) is set to be as restrictive as possible.

5.0/34 and 6.0/8 updates fix this vulnerability. You are strongly advised to update your appliances.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Adjacent Network Low None None None Partial
CVSS Base score: 3.3 CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 2.4 CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 3.2 CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)


Netasq

CVSS v2 Overall Score: 4.3      

Analysis

Impacted version

Netasq products embed a vulnerable version of the OpenSSL library, used by the proxy, vpn server and authentication portal. The CVE-2015-0286 vulnerability could allow a denial of service attack on these services, that crash and restart (services automatically restart on abnormal termination).
  • Netasq 9.1.0 to 9.1.4

Workaround solution

Solution

There is no workaround solution.

The 9.1.5 update will fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None None None Partial
CVSS Base score: 5 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Official fix Confirmed
CVSS Temporal score: 3.7 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 4.3 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C/CDP:L/TD:H/CR:ND/IR:ND/AR:ND)