Diffie Hellman vulnerability Logjam
| Advisory ID | CVE Number | Date discovered | Severity | Advisory revision |
|---|---|---|---|---|
| STORM-2015-004 | CVE-2015-4000 | 05/20/2015 | medium | v1 |
Vulnerability details
A vulnerability, named Logjam, has been discovered in TLS. It is related to the ability to downgrade the prime size used for the Diffie-Hellman key exchange against the TLS Protocol.
The combination of the Logjam attack on TLS and the known Diffie-Hellman weakness could lead to a widely available attack that may impact secure communications with a man-in-the-middle attack.
This security advisory only deals with the downgrade to DHE_EXPORT during a Diffie-Hellman negotiation in TLS.
Impacted products
| Products | Severity | Detail |
|---|---|---|
| Stormshield Network Security | medium | The product uses TLS in the webadmin, the authentication portal and the SSL proxy. |
| Stormshield Data Security | low | The product could be configured to use weak Diffie-Hellman parameters. |
| Netasq | medium | The product uses TLS in the webadmin, the authentication portal and the SSL proxy. |
Revisions
| Version | Date | Description |
|---|---|---|
| v1 | 05/21/2015 | Initial release |
Stormshield Network Security |
CVSS v2 Overall Score: 5.7
|
Analysis |
Impacted version |
|
The webadmin, authentication portal and SSL proxy use TLS protocol to cipher data exchanges. During the TLS handshake, the Diffie-Hellman algorithm may be used to establish a shared secret. However, the prime length used for that operation is not restricted and small primes (<=1024) may be chosen. |
|
Workaround solution |
Solution |
|
For the Webadmin, the network admin can filter the access to allow connections from well known and safe networks. For the SSL vpn portal, there is no workaround solution. For the SSL proxy, there is no workaround solution. |
The versions v1.4 and v2.0 (release) will fix this vulnerability. |
| Access vector | Access complexity | Authentication | Confidentiality impact | Integrity impact | Availability impact |
|---|---|---|---|---|---|
| Network | Medium | None | None | Partial | None |
| CVSS Base score: 4.3 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) |
| Exploitability | Remediation Level | Report Confidence |
|---|---|---|
| Proof of concept code | Unavailable | Confirmed |
| CVSS Temporal score: 3.9 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:U/RC:C) |
| Collateral Damage Potential | Target Distribution |
|---|---|
| Low-Medium | High [76-100%] |
| CVSS Environmental score: 5.7 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:U/RC:C/CDP:LM/TD:H/CR:ND/IR:ND/AR:ND) |
Stormshield Data Security |
CVSS v2 Overall Score: 1.7
|
Analysis |
Impacted version |
|
The Stormshield Data Authority Manager use Diffie-Hellman to exchange key to encrypt sensitive data:
By default, the server uses the Group 5 so the Stormshield Data Authority Manager is not vulnerable. But the group could be configured in the “manager.ini” file with groups 1 or 2 (both vulnerable). Starting from versions 9.1.1, the Diffie-Hellman groups 1, 2 and 5 corresponding to the key sizes 768, 1024 and 1536 bits have been replaced by the recommended groups 5, 14, 15, 16, 17 and 18 corresponding to the key sizes 1536, 2048, 3072, 4096, 6144 and 8192 bits. |
|
Workaround solution |
Solution |
|
If using a vulnerable version, be sure to use Group 5 in the manager.ini, field “GroupDH” in “[Algo]” part. |
Stormshield Data Authority Manager 9.1.1 fixes this vulnerability. |
| Access vector | Access complexity | Authentication | Confidentiality impact | Integrity impact | Availability impact |
|---|---|---|---|---|---|
| Network | Medium | None | None | Partial | None |
| CVSS Base score: 4.3 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) |
| Exploitability | Remediation Level | Report Confidence |
|---|---|---|
| Proof of concept code | Official fix | Confirmed |
| CVSS Temporal score: 3.4 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C) |
| Collateral Damage Potential | Target Distribution |
|---|---|
| High | Low [0-25%] |
| CVSS Environmental score: 1.7 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:OF/RC:C/CDP:H/TD:L/CR:ND/IR:ND/AR:ND) |
Netasq |
CVSS v2 Overall Score: 5.7
|
Analysis |
Impacted version |
|
The webadmin, authentication portal and SSL proxy use TLS protocol to cipher data exchanges. During the TLS handshake, the Diffie-Hellman algorithm may be used to establish a shared secret. However, the prime length used for that operation is not restricted and small primes (<=1024) may be chosen. |
|
Workaround solution |
Solution |
|
For the Webadmin, the network admin can filter the access to allow connections from well known and safe networks. For the SSL vpn portal, there is no workaround solution. For the SSL proxy, there is no workaround solution. |
No update is planned for v8.0, v8.1, v8.2 and v9.0 versions. The v9.1.6 version will fix this issue. |
| Access vector | Access complexity | Authentication | Confidentiality impact | Integrity impact | Availability impact |
|---|---|---|---|---|---|
| Network | Medium | None | None | Partial | None |
| CVSS Base score: 4.3 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) |
| Exploitability | Remediation Level | Report Confidence |
|---|---|---|
| Proof of concept code | Unavailable | Confirmed |
| CVSS Temporal score: 3.9 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:U/RC:C) |
| Collateral Damage Potential | Target Distribution |
|---|---|
| Low-Medium | High [76-100%] |
| CVSS Environmental score: 5.7 | CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N/E:POC/RL:U/RC:C/CDP:LM/TD:H/CR:ND/IR:ND/AR:ND) |