TLS/SSL - TLS 1.0 PROTOCOL SUPPORTED, CVE-2011-3389

Published on August 3rd, 2017 | Last Update: August 3rd, 2017

 

Summary

Vulnerability scans of the ACOS management interface indicate that the HTTPS service supports TLS sessions using the TLS 1.0 protocol, which is no longer considered capable of providing a sufficient level of security for TLS sessions or of complying with contemporary PCI (Payment Card Industry) security standards [3]. CVE-2011-3389 (aka the BEAST attack) is a commonly referenced CVE for this issue, as the commonplace mitigation for this vulnerability is to disable TLS 1.0 support. Accordingly, the following vulnerabilities are addressed in this document.

| Item # | Vulnerability ID | Score Source | Score | Summary |
| 1 | tlsv1_0-enabled | Rapid7 | 4 Severe | TLS Server Supports TLS version 1.0 [1] |
| 2 | QID: 38628 | Qualys | 3 Serious | SSL/TLS Server supports TLSv1.0 [2] |
| 3 | CVE-2011-3389 | CVSS 2.0 | 4.3 Medium | HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) [4] |

 

Affected Releases

The table below indicates releases of ACOS exposed to these vulnerabilities and ACOS releases that address these issues or are otherwise unaffected by them.

Customers using affected ACOS releases can overcome vulnerability exposures by updating to the indicated resolved release. If the table does not list a corresponding resolved or unaffected release, then no ACOS release update is currently available.

| Releases Affected | Releases Resolved or Unaffected |
| | 4.1.2, 4.1.1 (a) |
| | 4.1.0 (a) |
| 3.1.0-P1 – 3.1.4 | 3.1.4-P1 |
| 3.2.0 – 3.2.1-P1 | 3.2.2-P1 |
| 2.8.2 – 2.8.2-P8 | 2.8.2-P9 (b), 4.1.2 (a, c) |
| 2.7.2 – 2.7.2-P10 | 2.7.2-P11 (b), 4.1.0 (a, c), 4.1.1 (a, c) |
| 2.7.1-GR1 – 2.7.1-GR1-P1 | 2.7.2-P11 (b), 4.1.0 (a, c), 4.1.1 (a, c) |
| 2.6.1-GR1 – 2.6.1-GR1-P16 | 2.7.2-P11 (b), 4.1.0 (a, c), 4.1.1 (a, c) |

(a) Including all updates to the release(s).
(b) Partial Remediation. TLS 1.0, 1.1, and 1.2 are supported.
(c) Full Remediation. TLS 1.2 only is supported.

With the 2.7.2 and 2.8.2 resolved releases, the ACOS HTTPS management service additionally supports the TLS 1.1 and 1.2 protocols. These releases continue to support the TLS 1.0 protocol to avoid impacting existing deployment environments whose management applications depend on this protocol version.

To fully overcome vulnerability exposures associated with the TLS 1.0 protocol, the ACOS 4.1 resolved or unaffected releases are available for upgrade.
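To confirm whether a management HTTPS service still negotiates TLS 1.0 (partial remediation, note b) or refuses it (full remediation, note c), the following added example sends a ClientHello whose highest offered version is TLS 1.0 and classifies the first record of the reply. It is not A10 code or part of the original advisory; the cipher-suite list, the sample reply bytes and the placeholder address 192.0.2.10 are assumptions of this example.

```python
import os
import socket
import struct

TLS10 = b"\x03\x01"
# RSA and DHE CBC suites that a TLS 1.0 server commonly shares (choice made for this example).
SUITES = (0x002F, 0x0035, 0x000A, 0x0033, 0x0039)
ALERTS = {40: "handshake_failure", 70: "protocol_version"}

def build_client_hello() -> bytes:
    """Return a ClientHello record whose highest offered version is TLS 1.0."""
    suites = b"".join(struct.pack("!H", s) for s in SUITES)
    body = (TLS10 + os.urandom(32) + b"\x00"        # version, random, empty session id
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                          # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + TLS10 + struct.pack("!H", len(handshake)) + handshake

def classify_response(data: bytes) -> str:
    """Interpret the first record the server sent back."""
    if len(data) >= 7 and data[0] == 0x15:          # alert record: level, description
        return "rejected: " + ALERTS.get(data[6], f"alert {data[6]}")
    if len(data) >= 11 and data[0] == 0x16 and data[5] == 0x02:   # ServerHello
        version = data[9:11]
        return "TLS 1.0 accepted" if version == TLS10 else f"negotiated 0x{version.hex()}"
    return "no TLS response"

def probe(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Send the TLS 1.0 ClientHello to host:port and classify the reply."""
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:
            while len(data) < 11:                   # record header + ServerHello version
                chunk = sock.recv(4096)
                if not chunk:
                    break
                data += chunk
        except (socket.timeout, ConnectionResetError):
            pass
    return classify_response(data)

# Constructed sample replies (not captured from a device): the start of a
# TLS 1.0 ServerHello and a fatal protocol_version alert.
SAMPLE_SERVER_HELLO = bytes.fromhex("160301002a020000260301")
SAMPLE_ALERT = bytes.fromhex("15030300020246")

if __name__ == "__main__":
    print(classify_response(SAMPLE_SERVER_HELLO))
    print(classify_response(SAMPLE_ALERT))
    # print(probe("192.0.2.10"))  # placeholder management address
```

A "rejected: handshake_failure" result means the server shared none of the offered cipher suites, so it does not by itself show that TLS 1.0 is disabled.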

 

WORKAROUNDS AND MITIGATIONS

Common industry security best practices for network appliance management and control planes can enhance protection against remote malicious attacks. Limit the exploitable attack surface of critical infrastructure networking equipment by using access lists or firewall filters that permit management traffic to and from only trusted administrative networks or hosts.

 

SOFTWARE UPDATES

Software updates that address these vulnerabilities are or will be published at the following URL:
http://www.a10networks.com/support/axseries/software-downloads

 

VULNERABILITY DETAILS

The following table shares brief descriptions for the vulnerabilities addressed in this document.

| Vulnerability ID | Description |
| tlsv1_0-enabled | The PCI (Payment Card Industry) Data Security Standard requires a minimum of TLS v1.1 and recommends TLS v1.2. In addition, FIPS 140-2 standard requires a minimum of TLS v1.1 and recommends TLS v1.2. |
| QID: 38628 | TLS is capable of using a multitude of ciphers (algorithms) to create the public and private key pairs. For example if TLSv1.0 uses either the RC4 stream cipher, or a block cipher in CBC mode. RC4 is known to have biases and the block cipher in CBC mode is vulnerable to the POODLE attack. TLSv1.0, if configured to use the same cipher suites as SSLv3, includes a means by which a TLS implementation can downgrade the connection to SSL v3.0, thus weakening security. A POODLE-type (https://blog.qualys.com/ssllabs/2014/12/08/poodle-bites-tls) attack could also be launched directly at TLS without negotiating a downgrade. This QID will be marked as a Fail for PCI as of November 1st, 2016 in accordance with the new standards. For existing implementations, Merchants will be able to submit a PCI False Positive / Exception Request and provide proof of their Risk Mitigation and Migration Plan, which will result in a pass for PCI up until June 30th, 2018. Further details can be found at: NEW PCI DSS v3.2 and Migrating from SSL and Early TLS v1.1 (https://community.qualys.com/message/34120). |
| CVE-2011-3389 | The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. |

 

RELATED LINKS

| Ref # | General Link |
| [1] | Rapid7: TLS Server Supports TLS version 1.0 |
| [2] | QID 38628 - Server Supports TLS 1 Severity 3 |
| [3] | PCI Security Standards Council - Information Supplement - Migrating from SSL and Early TLS |
| [4] | NIST NVD, CVE-2011-3389 |

 

ACKNOWLEDGEMENTS

None

 

MODIFICATION HISTORY

| Revision | Date | Description |
| 1.0 | 2017-08-03 | Initial Publication |