IBM3173436321C56EFE717CD3157343D8881EA1EE61D9FFA6FAA9912F1C744A3245Security Bulletin: SLOTH - Weak MD5 Signature Hash vulnerability may affect DS8000
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.9%
Summary
SLOTH - Weak MD5 Signature Hash vulnerability may affect DS8000 (CVE-2015-7575)
Vulnerability Details
CVEID: CVE-2015-7575 **
DESCRIPTION:** The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing a ServerKeyExchange message during a TLS handshake. An attacker could exploit this vulnerability using man-in-the-middle techniques to impersonate a TLS server and obtain credentials.
CVSS Base Score: 7.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109415 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N)
Detail
Port 1750 is used by the DS Network Interface legacy client to connect to DS8000 services and is documented as having an RSA1024 public key signed with MD5. For more information please see the link below:
<http://www.ibm.com/support/knowledgecenter/ST5GLJ_8.0.0/com.ibm.storage.ssic.help.doc/f2c_securitybp_updatecert.html>
Disabling this port has been available since R7.2 ( and is supported in all levels higher than this). The facility to disable this port was also made available in R6.3SP13. For level information please see:
<http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004456>
IBM recommends disabling the legacy port ( by using the dscli manageaccess command) after verifying that**all **applications which use the DS Network Interface Client have been updated to support port 1751, and updating the DS8000 microcode to at least the versions indicated above. Disabling the port will ensure that there is no exposure to this vulnerability.
Please note that versions of JAVA later than January 2016 may also have disabled support for MD5 signed keys and effectively force applications which embed the DS Network Interface Client to use the secure port only. Consult the applicable product documentation for information on how to re-enable this support if use of the legacy port is required.
Also note that DSCLI must be at a minimum R7.2 level ( even for R6.3 users) to be able to issue themanageacces****s command.
For dscli download information please select the applicable levels at:
https://www.ibm.com/support/fixcentral/options
Affected Products and Versions
All
Remediation/Fixes
N/A
Workarounds and Mitigations
See the detail above
| CPE | Name | Operator | Version |
|---|---|---|---|
| disk systems->ds8870 | eq | any | |
| disk systems->ds8870 | eq | any | |
| disk systems->ds8700 | eq | any | |
| ibm ds8800 | eq | any | |
| ds8880 | eq | any |
Related
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.9%