Lucene search

K
ibmIBM884111D7226F46589CF10444A056A37556EBDDE3A7C749419D1DC88EBDC66FFB
HistoryAug 20, 2022 - 12:54 a.m.

Security Bulletin: TS3000 code levels 5.x and 7.x affected by various OpenSSL vulnerabilities

2022-08-2000:54:31
www.ibm.com
13
ts3000
vulnerabilities
openssl
tssc
redhat
update
patch
security bulletin

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS

0.973

Percentile

99.9%

Summary

Six security vulnerabilities have been found that affect most levels of TSSC code.

Vulnerability Details

A malicious user could exploit these vulnerabilities to decrypt and modify traffic sent between a client and a server, to execute arbitrary code on a client or server, crash a server, or implement a denial-of-service attack.

Vendor Vendor ID Vendor Title Included CVEs
RedHat RHSA-2014:0625
Important: openssl security update CVE-2010-5298
CVE-2014-0195
CVE-2014-0198
CVE-2014-0221
CVE-2014-0224
CVE-2014-3470

**DESCRIPTION:******OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library.

It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224)

Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL.

A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195)

Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198)

A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221)

A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470)

CVSS Base Score: 5.8 CVSS Temporal Score: See <http://xforce.iss.net/xforce/xfdb/93586&gt; for the current score CVSS Environmental Score*: Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)

Affected Products and Versions

TSSC 5.12, 7.0-7.3

Remediation/Fixes

Update to TSSC 7.3.15 and apply OpenSSL patch “sslUpdate.”

Workarounds and Mitigations

No known workarounds. TSSC should be updated to 7.3.15 and patched.

Affected configurations

Vulners
Node
ibmts7700Matchany

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

EPSS

0.973

Percentile

99.9%