SA91 : FREAK Attack

Published: 05 March 2015
Last updated: 04 May 2021
Status: CLOSED
Severity: MEDIUM
CVSS v2: 5.0

SUMMARY

The FREAK attack allows a man-in-the-middle to substantially degrade the strength of the encryption used in SSL/TLS connections. It relies on CVE-2015-0204, previously reported as part of SA88, and on support for export grade cipher suites. Blue Coat products using affected versions of OpenSSL, or that enable export grade ciphers, are vulnerable. A remote attacker may use this attack to view and/or alter information sent during an SSL/TLS session.

AFFECTED PRODUCTS

The following products are vulnerable:

BCAAA
BCAAA 5.5 and 6.1 are vulnerable when configured to use the CoreID or the Novell SSO.

CacheFlow
CacheFlow 2.x and 3.x prior to 3.4.2.1 are vulnerable to CVE-2015-0204.  Export grade ciphers are enabled by default.  In 3.4.2.1, SSL v2, SSL v3, and export grade cipher suites are all disabled by default on newly reinitialized systems.

Content Analysis System
CAS 1.1 prior to 1.1.5.6 and CAS 1.2 prior to 1.2.3.1 are vulnerable to CVE-2015-0204.  CAS 1.3 and later releases are not vulnerable to CVE-2015-0204.  Export grade ciphers are disabled in CAS 1.1 and later releases.

Director
Director 6.1 prior to 6.1.18.1 is vulnerable to CVE-2015-0204.  Export grade cipher suites are disabled by default.

IntelligenceCenter
IC 3.2 and 3.3 are vulnerable.

IntelligenceCenter Data Collector
DC 3.2 and 3.3 are vulnerable.

Malware Analysis Appliance
MAA 4.2.1 prior to 4.2.2, and 4.1.x are vulnerable to CVE-2015-0204.  Export grade ciphers are disabled in both 4.2.x and 4.1.x.

Malware Analyzer G2
All versions of MAG2 are vulnerable to CVE-2015-0204.  Export grade ciphers are disabled.

Management Center
MC 1.x prior to 1.3.2.1 enables export grade ciphers by default for SSL/TLS clients.  MC 1.4 and later releases are not vulnerable.

PacketShaper
All versions of PacketShaper prior to 9.2.11 are vulnerable to CVE-2015-0204.  PacketShaper prior to 9.2.13p2 also enables export grade ciphers by default for all SSL/TLS interfaces.  See Workarounds section for instructions to disable export grade ciphers in PacketShaper 9.2.4 and later versions.

PolicyCenter
All versions of PolicyCenter prior to 9.2.11 are vulnerable to CVE-2015-0204.  PolicyCenter prior to 9.2.13p2 also enables export grade ciphers by default for all SSL/TLS interfaces.  See Workarounds section for instructions to disable export grade ciphers in PolicyCenter 9.2.4 and later versions.

ProxyAV
ProxyAV 3.5 prior to 3.5.3.1 and 3.4 prior to 3.4.3.1 are vulnerable to CVE-2015-0204.  Export grade ciphers are disabled in both 3.5 and 3.4.

ProxyClient
ProxyClient 3.3 and 3.4 are vulnerable.

ProxySG
SGOS 6.6, 6.5, 6.2, and 5.5 are vulnerable in all SSL/TLS interfaces.  Export grade ciphers are enabled by default, but can be disabled.  All versions of 6.6 prior to 6.6.2.1, 6.5 prior to 6.5.7.1, and 6.2 prior to 6.2.16.3 are vulnerable.  SGOS 6.7 is not vulnerable.

Reporter
Reporter 9.4 and 9.5 are vulnerable.  Reporter 10.1 and later are not vulnerable.

Security Analytics
SA 6.6 prior to 6.6.11, 7.0, and 7.1 prior to 7.1.7 are vulnerable to CVE-2015-0204.  Export grade ciphers are enabled by default and cannot be disabled.  SA 7.2 and later releases are not vulnerable.

SSL Visibility
SSLV 3.5.2, 3.7, and 3.8 prior to 3.8.3 are vulnerable.  SSLV 3.8.4FC and later versions are not vulnerable.

Unified Agent
UA 4.1 is vulnerable.  UA 4.6 and 4.7 are not vulnerable.

X-Series
XOS 9.6, 9.7, 10.0, and 11.0 do not enable export grade cipher suites.  XOS 9.6, 9.7, 10.0 prior to 10.0.6, and 11.0 prior to 11.0.2 are vulnerable to CVE-2015-0204.  These releases include vulnerable versions of OpenSSL; however, the only SSL/TLS enabled service shipped with XOS is an embedded web server, and it does not use OpenSSL.  Third party applications running on XOS could make use of the vulnerable OpenSSL libraries, but there are no known third party applications that utilize the OpenSSL implementation in XOS.

Patches

BCAAA
BCAAA 6.1 - a fix will not be provided. CoreID is no longer supported and an updated Novell SDK is not available.
BCAAA 5.5 - a fix will not be provided. CoreID is no longer supported and an updated Novell SDK is not available.

CacheFlow
3.x - a fix is available in 3.4.2.1.
2.x - a fix will not be provided. Please upgrade to the latest release with the vulnerability fix.

Content Analysis System
CAS 1.2 - a fix is available in 1.2.3.1.
CAS 1.1 - a fix is available in 1.1.5.6.

Director
Director 6.1 - a fix is available in 6.1.18.1.

IntelligenceCenter
IC 3.3 - a fix will not be provided.  NetDialog NetX is a replacement product for IntelligenceCenter.  Please switch to a version of NetX with the fixes.
IC 3.2 - a fix will not be provided.  Please upgrade to a later release with the vulnerability fix.

IntelligenceCenter Data Collector
DC 3.3 - a fix will not be provided.  NetDialog NetX is a replacement product for IntelligenceCenter.  Please switch to a version of NetX with the fixes.
DC 3.2 - a fix will not be provided.  Please upgrade to a later release with the vulnerability fix.

Malware Analysis Appliance
MAA 4.2 - a fix is available in 4.2.2.
MAA 4.1 - a fix will not be provided. Please upgrade to the latest release with the vulnerability fix.

Malware Analyzer G2
MAG2 4.1 and prior - a fix will not be provided. Please upgrade to the latest MAA 4.x release with the vulnerability fix.

Management Center
MC 1.3 - a fix to disable export grade ciphers is available in 1.3.2.1.
MC 1.2 and earlier - a fix will not be provided.  Please upgrade to the latest release with the vulnerability fix.

PacketShaper
PacketShaper 9.2 - a fix for CVE-2015-0204 is available in 9.2.11.  Export grade ciphers are disabled in 9.2.13p2.

PolicyCenter
PolicyCenter 9.2 - a fix for CVE-2015-0204 is available in 9.2.11.  Export grade ciphers are disabled in 9.2.13p2.

ProxyAV
ProxyAV 3.5 - a fix is available in 3.5.3.1.
ProxyAV 3.4 - a fix is available in 3.4.3.1.

ProxyClient
ProxyClient 3.4 - a fix will not be provided.  Please upgrade to Unified Agent 4.6 or a later release.
ProxyClient 3.3 - a fix will not be provided.  Please upgrade to Unified Agent 4.6 or a later release.

ProxySG
To prevent this attack, an updated release must be deployed and export grade ciphers must be disabled manually for all SSL/TLS interfaces. See the Workarounds section for information on disabling export grade ciphers.
SGOS 6.6 - a fix is available in 6.6.2.1.
SGOS 6.5 - a fix is available in 6.5.7.1.
SGOS 6.2 - a fix is available in 6.2.16.3.
SGOS 5.5 - a fix will not be provided.  Please upgrade to the latest release with the vulnerability fix.

Reporter
Reporter 9.5 - a fix will not be provided.  Please upgrade to a later release with the vulnerability fix.
Reporter 9.4 - a fix will not be provided.  Please upgrade to a later release with the vulnerability fix.

Security Analytics
Security Analytics 7.1 - a fix is available in 7.1.7.
Security Analytics 7.0 - a patch RPM to update the version of OpenSSL is available through Blue Coat Support.
Security Analytics 6.6 - a fix is available in 6.6.11.

SSL Visibility
SSLV 3.8 - a fix is available in 3.8.3.
SSLV 3.7 and prior - a fix will not be provided.  Please upgrade to the latest release with the vulnerability fix.

Unified Agent
UA 4.1 - a fix will not be provided.  Please upgrade to UA 4.6 or a later release with the vulnerability fix.

X-Series
XOS 11.0 - a fix is available in XOS 11.0.2.
XOS 10.0 - a fix is available in XOS 10.0.6.
XOS 9.7 and prior - a fix will not be provided.  Please upgrade to the latest release with the vulnerability fix.

ADDITIONAL PRODUCT INFORMATION

Blue Coat products act as both client and server. Blue Coat hosts services such as WebPulse and licensing services that Blue Coat products may connect with as a client.

Some Blue Coat products that can be installed on a client or on non-Blue Coat hardware use the version of OpenSSL that is already installed. Blue Coat urges our customers to update the versions of OpenSSL that are installed for Reporter on Linux, Unified Agent on Linux, and ProxyClient.

The following products are not vulnerable:
Advanced Secure Gateway
Android Mobile Agent
AuthConnector
Client Connector
Cloud Data Protection for Salesforce
Cloud Data Protection for Salesforce Analytics
Cloud Data Protection for ServiceNow
Cloud Data Protection for Oracle CRM On Demand
Cloud Data Protection for Oracle Field Service Cloud
Cloud Data Protection for Oracle Sales Cloud
Cloud Data Protection Integration Server
Cloud Data Protection Communication Server
Cloud Data Protection Policy Builder
General Auth Connector Login Application
K9
Mail Threat Defense
Norman Shark Industrial Control System Protection
Norman Shark Network Protection
Norman Shark SCADA Protection
PacketShaper S-Series
PolicyCenter S-Series
ProxyAV ConLog and ConLogXP

Blue Coat no longer provides vulnerability information for the following products:

DLP
Please contact Digital Guardian technical support regarding vulnerability information for DLP.

ISSUES

CVE-2015-0204 - CVSS v2 base score 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)

The FREAK attack exploits support for export grade RSA cipher suites in clients and servers.  A man-in-the-middle intercepts the initial SSL/TLS handshake and rewrites the ClientHello so that the server is offered only export grade RSA cipher suites; a server that supports them answers with a 512-bit temporary RSA key in its ServerKeyExchange message.  A client affected by CVE-2015-0204 accepts that 512-bit key even though it never offered an export suite itself, so the connection is encrypted under a key whose modulus the attacker can factor in a few hours for a small cost.  Factoring the modulus yields the premaster secret and therefore the master secret, which also lets the attacker forge the Finished messages that would otherwise expose the tampering.  The attacker must factor the key in order to view or modify the data sent over the SSL/TLS connection; servers that reuse the same temporary export key across connections let one factoring job expose many sessions.

Servers that support export grade cipher suites and clients that accept export grade keys are vulnerable.  Clients that are vulnerable to CVE-2015-0204 (see SA88) are exposed even if export grade ciphers are not enabled for the SSL/TLS session, because the flaw makes them accept an export grade RSA key within a non-export cipher suite.  Blue Coat products that are vulnerable to CVE-2015-0204 or that support export grade ciphers by default are vulnerable.

MITIGATION

By default, CacheFlow enables SSL v2, SSL v3, and export grade ciphers.  CVE-2015-0204 for CacheFlow can be remediated by disabling SSL v2 and SSL v3 and the export grade cipher suites.  Customers with systems that were initialized on versions prior to 3.4.2.1 must manually disable SSL v2 and SSL v3 as well as the export grade cipher suites.  The following steps, run from config mode in CacheFlow 2.x and 3.x, restrict the default SSL device profile and the HTTPS console to TLSv1, which disables SSL v2 and SSL v3 (disabling the export grade cipher suites is a separate configuration change):

ssl
edit ssl-device-profile default
protocol TLSv1
exit
exit
management-services
edit HTTPS-Console
attribute ssl-versions TLSv1
exit
exit

By default, PacketShaper and PolicyCenter prior to 9.2.13p2 allow export grade ciphers.  The cipher strength setting for client and server connections can be changed to "strong" using the following CLI command in 9.2.4 and later versions:

setup SSL cipherstrength strong

By default, ProxySG SGOS 6.6, 6.5, 6.2, and 5.5 allow export grade ciphers for all SSL/TLS interfaces.  Configuration settings should be changed to disallow export grade ciphers for HTTPS Console, HTTPS Reverse Proxies, SSL Device Profiles, and SSL Client Configuration.  For SSL Forward Proxy, export ciphers should be disallowed through policy.

By default, SSLV 3.8 disables export grade ciphers for management interfaces.  Policy rules can be configured to block export grade ciphers on the dataplane for SSL/TLS interception.  Instructions for disabling export grade ciphers can be found in the sections Policy Rulesets and Configure Segments and Policies in the Administration Guide.
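The following is an added example, not Blue Coat code, that illustrates the server half of the handshake described in the ISSUES section and gives a way to verify the mitigations above once applied: it builds a TLS 1.0 ClientHello that offers only RSA_EXPORT cipher suites (what the man-in-the-middle effectively sends on the victim's behalf), parses the server's first record, and reports whether an export suite was negotiated.  The cipher suite identifiers are from the IANA TLS registry; the two sample responses are constructed byte strings, not captures from any host; the probe() function that talks to a live server is assumed usage and is not exercised by the parsing checks.  A server that refuses the export-only ClientHello with an alert has no export suites enabled for that interface.  Note that this does not test the client half of FREAK (CVE-2015-0204): detecting that requires a test server that returns an export RSA key inside a non-export suite, and Blue Coat products act as both client and server.

```python
"""Offline check for the server-side precondition of FREAK.

Added example, not Blue Coat code.  Sends (or, for the samples below,
simulates) a ClientHello offering only RSA_EXPORT suites and classifies
the server's answer.
"""
import os
import socket
import struct

# RSA_EXPORT cipher suites (IANA TLS Cipher Suite registry).  A server that
# negotiates one of these sends a short (512- or 1024-bit) temporary RSA key.
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0060: "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5",
    0x0061: "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5",
    0x0062: "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
    0x0064: "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",
}

TLS10 = b"\x03\x01"


def build_client_hello(suites, random_bytes=None):
    """Return a TLS record carrying a ClientHello that offers only `suites`.

    This mirrors the FREAK man-in-the-middle: the victim's real cipher suite
    list is replaced with export suites before the hello reaches the server.
    """
    random_bytes = os.urandom(32) if random_bytes is None else random_bytes
    suite_bytes = b"".join(struct.pack("!H", s) for s in suites)
    body = (
        TLS10                                   # client_version
        + random_bytes                          # random (32 bytes)
        + b"\x00"                               # session_id length 0
        + struct.pack("!H", len(suite_bytes)) + suite_bytes
        + b"\x01\x00"                           # compression_methods: null only
    )
    # Handshake header: type 1 (client_hello) + 24-bit body length.
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body
    # Record header: type 22 (handshake), version, 16-bit length.
    return b"\x16" + TLS10 + struct.pack("!H", len(handshake)) + handshake


def parse_server_response(data):
    """Parse the first TLS record sent back by the server.

    Returns ("accepted", suite_id) when a ServerHello selected a suite,
    ("alert", description) when the server refused (the answer a hardened
    server should give), or ("unknown", None) for anything else.
    """
    if len(data) < 5:
        return ("unknown", None)
    content_type = data[0]
    rec_len = struct.unpack("!H", data[3:5])[0]
    rec = data[5:5 + rec_len]
    if content_type == 0x15 and len(rec) >= 2:            # alert: level, description
        return ("alert", rec[1])
    if content_type == 0x16 and len(rec) >= 4 and rec[0] == 0x02:  # ServerHello
        hs_len = int.from_bytes(rec[1:4], "big")
        sh = rec[4:4 + hs_len]
        # version(2) random(32) session_id_len(1) session_id cipher_suite(2) ...
        if len(sh) < 35:
            return ("unknown", None)
        off = 35 + sh[34]
        if len(sh) < off + 2:
            return ("unknown", None)
        return ("accepted", struct.unpack("!H", sh[off:off + 2])[0])
    return ("unknown", None)


def classify(data):
    """Turn a server response into a one-line verdict."""
    status, value = parse_server_response(data)
    if status == "accepted" and value in RSA_EXPORT_SUITES:
        return "VULNERABLE: negotiated %s" % RSA_EXPORT_SUITES[value]
    if status == "accepted":
        return "UNEXPECTED: negotiated non-export suite 0x%04x" % value
    if status == "alert":
        return "OK: server refused export-only ClientHello (alert %d)" % value
    return "UNKNOWN: unrecognised response"


def probe(host, port=443, timeout=5.0):
    """Assumed usage: send the export-only ClientHello to a live server."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello(sorted(RSA_EXPORT_SUITES)))
        return classify(s.recv(4096))


# Constructed sample responses (not captured from any real host).
# ServerHello selecting TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x0003), empty session id.
SAMPLE_ACCEPT = (
    b"\x16\x03\x01" + struct.pack("!H", 4 + 38)
    + b"\x02" + (38).to_bytes(3, "big")
    + TLS10 + b"\x11" * 32 + b"\x00" + b"\x00\x03" + b"\x00"
)
# Fatal handshake_failure alert (level 2, description 40).
SAMPLE_REJECT = b"\x15\x03\x01\x00\x02\x02\x28"

if __name__ == "__main__":
    print(classify(SAMPLE_ACCEPT))
    print(classify(SAMPLE_REJECT))
```

Run against an interface after changing its cipher configuration: probe(host) should report OK. A VULNERABLE verdict means the interface still offers an RSA_EXPORT suite and the mitigation has not taken effect on that listener.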

REFERENCES

FREAK attack - https://freakattack.com
Original discovery (SMACK) - https://www.smacktls.com

REVISION

2019-08-16 Fixes for IntelligenceCenter 3.3 and IntelligenceCenter Data Collector 3.3 will not be provided.  NetDialog NetX is a replacement product for IntelligenceCenter.  Please switch to a version of NetX with the fixes. SA status moved to Closed.
2019-08-05 A fix for Reporter 9.5 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2019-01-20 Security Analytics 8.0 is not vulnerable.
2019-01-18 IC 3.2, IC 3.3, DC 3.2, DC 3.3, Reporter 9.4, and Reporter 9.5 are vulnerable.  Reporter 10.1 and later are not vulnerable.  A fix will not be provided for IC 3.2, DC 3.2, and Reporter 9.4.  Please upgrade to a later release with the vulnerability fix.
2017-08-02 SSLV 4.1 is not vulnerable.
2017-07-20 MC 1.10 is not vulnerable.
2017-06-22 Security Analytics 7.3 is not vulnerable.
2017-05-19 CAS 2.1 is not vulnerable to CVE-2015-0204 and disables export grade ciphers.
2017-03-06 ProxySG 6.7 is not vulnerable.  SSLV 4.0 is not vulnerable.
2017-02-17 Export grade ciphers are disabled in PacketShaper 9.2.13p2.  MC 1.8 is not vulnerable.  Vulnerability inquiries for DLP should be addressed to Digital Guardian technical support.
2016-12-04 SSLV 3.11 is not vulnerable.
2016-11-17 Cloud Data Protection for Oracle Field Service Cloud is not vulnerable.
2016-11-15 MC 1.6 and 1.7 are not vulnerable.
2016-11-11 SSLV 3.10 is not vulnerable.
2016-09-15 Advanced Secure Gateway is not vulnerable.
2016-08-11 Security Analytics 7.2 is not vulnerable.
2016-08-10 Unified Agent 4.6 and 4.7 are not vulnerable.
2016-07-15 A fix for XOS 10.0 is available in 10.0.6.  A fix for XOS 11.0 is available in 11.0.2.
2016-07-15 SSLV 3.8.4FC and 3.9 are not vulnerable.
2016-06-16 XOS 11.0 has a vulnerable version of OpenSSL, but is not vulnerable to known vectors of attack.  A fix is not available at this time.
2016-06-11 PolicyCenter S-Series is not vulnerable.
2016-05-31 MC 1.4 and 1.5 are not vulnerable.
2016-05-24 Previously it was reported that Director 6.1 is not vulnerable.  Further investigation has shown that Director 6.1 is vulnerable to CVE-2015-0204 and a fix is available in 6.1.18.1.
2016-05-21 General Auth Connector Login Application is not vulnerable.
2016-05-20 CAS 1.3 is not vulnerable.
2016-05-11 No Cloud Data Protection products are vulnerable.
2016-04-23 Mail Threat Defense is not vulnerable.
2016-02-26 OPIC was removed as the product is no longer supported.
2016-01-22 Android Mobile Agent and Client Connector are not vulnerable. ProxyClient and UA 4.1 are vulnerable, but a fix will not be provided.  ProxyClient and UA 4.1 customers should upgrade to Unified Agent 4.6 or later.
2016-01-21 A fix for CVE-2015-0204 is available in PacketShaper 9.2.11 and PolicyCenter 9.2.11.
2015-12-02 All fixes are available for Security Analytics
2015-10-02 SSLV fix is in 3.8.3 and later; export grade cipher suites can be disabled using instructions in the Admin Guide; fixes are available for ProxyAV 3.4 and 3.5
2015-10-01 SSLV is vulnerable and a fix is available; ProxySG 6.6 is vulnerable and a fix is available
2015-09-30 Fix is available for CAS 1.1
2015-07-26 Fix is available for CacheFlow
2015-07-13 Title Update
2015-03-18 Fix is now available for SGOS 6.2
2015-03-12 Security Analytics is vulnerable; BCAAA is vulnerable and no fixes can be provided; PacketShaper 9.2.9 is still vulnerable to CVE-2015-0204 so PacketShaper is still vulnerable; a fix for MC is available
2015-03-12 Corrected typo - SGOS 6.2 fix is for CVE-2015-0204
2015-03-11 K9 and ProxyAV ConnLog/ConLogXP are not vulnerable; clarified that CAS and ProxyAV do not enable export grade ciphers; fix is available for CAS 1.2
2015-03-09 Fixed typo in CVE number and clarified relationship to SA88; ProxySG is vulnerable and fixes are available
2015-03-05 Initial public release