Security Bulletin: A vulnerability in OpenSSL affects IBM DataPower Gateways (CVE-2016-2183)

Summary

A vulnerability in the SSL/TLS protocol affects the ISAM Access Manager client and JMS. IBM DataPower Gateways has fully addressed the applicable CVE in version 7.5.2, and in earlier releases it was addressed with a combination of a code fix and a workaround.

Vulnerability Details

CVEID: CVE-2016-2183**
DESCRIPTION:** OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.
CVSS Base Score: 3.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/116337 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

IBM DataPower Gateway, versions 7.0.0.0-7.0.0.17, 7.1.0.0-7.1.0.14, 7.2.0.0-7.2.0.11, 7.5.0.0-7.5.0.5, 7.5.1.0-7.5.1.4, 7.5.2.0-7.5.2.2

Remediation/Fixes

Fix is available in versions 7.0.0.18, 7.1.0.15, 7.2.0.12, 7.5.0.6, 7.5.1.5, 7.5.2.3. Refer to APAR IT19703 for URLs to download the fix. The fix applies to JMS traffic in all versions, and to ISAM traffic in 7.5.2.3 only.

You should verify applying this fix does not cause any compatibility issues.

For versions 7.0.0, 7.1.0, 7.2.0, 7.5.0 and 7.5.1, the ISAM (TAM) Access Manager Client does not include a fix for this vulnerability. Customers using the Access Manager Client on versions below 7.5.2.3 should follow the directions in the “Workarounds and Mitigations” section of this bulletin.

For DataPower customers using versions 6.x and earlier versions, IBM recommends upgrading to a fixed, supported version/release/platform of the product.

Workarounds and Mitigations

Customers using ISAM (TAM) Access Manager Client in versions 7.0.0, 7.1.0, 7.2.0, 7.5.0, 7.5.1 and 7.5.2.0-7.5.2.2 are exposed to this vulnerability if the Access Manager connections are configured to permit the use of triple-DES ciphers, and if large amounts (many gigabytes) of data are transmitted over a single Access Manager connection.

To avoid the vulnerability, customers may either limit the data they send to well below 32GB, or may configure their Access Manager connections to use only AES ciphers. This configuration can be done on the Access Manager server, where it will be in effect for all clients.

Additionally, the Access Manager Client within the IBM DataPower Gateway for TAM 7 or higher can be configured to remove DES-based ciphers by modifying the [SSL] stanza of the Access Manager Client configuration file to remove DES-based algorithms, as described in the following document: <https://www.ibm.com/support/knowledgecenter/SSPREK_7.0.0/com.ibm.isam.doc_70/ameb_baseadmin_guide/concept/con_ssl.html&gt;

The Access Manager Client for TAM 6.1.1 and lower cannot be configured in this way. TAM 6.1.1 and lower clients must rely on TAM traffic negotiating AES over DES-based ciphers. TAM 7 and higher servers can be configured not to allow DES-based cipher suites; TAM 6.1.1 and lower always offers AES before DES, and will therefore not negotiate a DES cipher suite.