OpenSSL vulnerability [CVE-2015-1789]

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2015-006 CVE-2015-1789 06/12/2015 medium v1

Vulnerability details

A new vulnerability has been discovered on OpenSSL tool. This vulnerability could lead to a denial of service from applications checking the validity of malformed X509 certificates and CRL.

Products

ProductSeverityDetail
Stormshield Network Security medium SNS uses a vulnerable version of OpenSSL
Stormshield Endpoint Security low SES uses a vulnerable version of OpenSSL
Stormshield Data Security

None

OpenSSL tool is not used in SDS
Fast360 medium Fast360 uses a vulnerable version of OpenSSL
Netasq medium Netasq uses a vulnerable version of OpenSSL

Revisions

Version Date Description
v1  06/17/2015 Initial release


Stormshield Network Security

CVSS Overall Score: 4.2      

Analysis

Impacted version

The authentication portal and webadmin use SSL authentication. In this context, the CVE-2015-1789 vulnerability could allow an attacker to crash authentication modules if connecting with a malformed certificate. Same for the SSL proxy.

  • SNS v1.0 to v1.3.2
  • SNS v2.1

Workaround solution

Solution

There is no workaround solution.

The v1.3.3 and v2.1.1 will fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None None None Partial
CVSS Base score: 5 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Unavailable Confirmed
CVSS Temporal score: 4.2 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:C)
Collateral Damage Potential Target Distribution
None High [76-100%]
CVSS Environmental score: 4.2 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:C/CDP:N/TD:H)


Stormshield Endpoint Security

CVSS Overall Score: 3.4      

Analysis

Impacted version

The Stormshield Endpoint Security (SES) server can be reached through a TLS-enabled channel. This channel authenticates the client connecting to the server with a certificate. In this context, the CVE-2015-1789 vulnerability could allow an attacker to crash the SES server if connecting to the server with a specially-crafted certificate.

  • SES v6.0.18
  • SES v7.1.05
  • SES v7.2.01

Workaround solution

Solution

A built-in mechanism automatically restarts the SES server process when an abnormal termination occurred.

6.0.19, 7.1.06 and 7.2.02 updates correcting this vulnerability will be available on July 24th 2015.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Adjacent Network Low None None None Partial
CVSS Base score: 3.3 CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Workaround Confirmed
CVSS Temporal score: 2.7 CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:W/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 3.4 CVSS Vector: (AV:A/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:W/RC:C/CDP:L/TD:H)


Fast360

CVSS Overall Score: 4.6      

Analysis

Impacted version

The SSL/TLS module checks the validity of X509 certificates. A malformed certificate could lead to a crash in the firewall configuration using the SSL/TLS module.

  • Arkoon Fast360 5.0/1 to 5.0/34
  • Arkoon Fast360 6.0/1 to 6.0/8

Workaround solution

Solution

Disable X509 verification by checking option “disable-x509-verification” in FAST SSL/TLS module.

5.0/35 and 6.0/9 updates will fix this vulnerability. You are strongly advised to update your appliances.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None None None Partial
CVSS Base score: 5 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Workaround Confirmed
CVSS Temporal score: 4 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:W/RC:C)
Collateral Damage Potential Target Distribution
Low High [76-100%]
CVSS Environmental score: 4.6 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:W/RC:C/CDP:L/TD:H)


Netasq

CVSS Overall Score: 4.2      

Analysis

Impacted version

The authentication portal and webadmin use SSL authentication. In this context, the CVE-2015-1789 vulnerability could allow an attacker to crash authentication modules if connecting with a malformed certificate. Same for the SSL proxy.

  • Netasq v8.0.0 and above
  • Netasq v9.0.0 and above
  • Netasq v9.1.0 to v9.1.5.1

Workaround solution

Solution

There is no workaround solution.

The v9.1.5.2 will fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None None None Partial
CVSS Base score: 5 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Remediation Level Report Confidence
Unproven that exploit exists Unavailable Confirmed
CVSS Temporal score: 4.2 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:C)
Collateral Damage Potential Target Distribution
None High [76-100%]
CVSS Environmental score: 4.2 CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:U/RC:C/CDP:N/TD:H)