IBM95A37AC2C7F105661E81CCB7B98B49EAB2848DF53F74121F0FEE7D2AE8FA7EA2Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business (CVE-2015-2808)
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
Summary
The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Security Access Manager for Web and IBM Tivoli Access Manager for e-business.
Vulnerability Details
CVEID: CVE-2015-2808
DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as “Bar Mitzvah Attack”.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/101851 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Affected Products and Versions
IBM Tivoli Access Manager for e-business versions 6.0, 6.1, 6.1.1
IBM Security Access Manager for Web version 7.0 software
IBM Security Access Manager for Web version 7.0 appliance, all firmware versions
IBM Security Access Manager for Web version 8.0 appliance, all firmware versions
Remediation/Fixes
IBM has provided patches for all affected versions. Follow the installation instructions in the README files included with the patch.
You should verify applying this fix does not cause any compatibility issues. The fix disables RC4 stream cipher by default. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.
Please note: If you have configured the ciphers that are used in your environment, you might still be susceptible to the attack described above. Please review the ‘Post-installation instructions’ provided below the remediation table.
| Product | VRMF | APAR | Remediation |
|---|---|---|---|
| IBM Tivoli Access Manager for e-business | 6.0 - | ||
| 6.0.0.38 | IV73153 | Apply the following interim fix: | |
| 6.0.0-ISS-TAM-IF0039 | |||
| IBM Tivoli Access Manager for e-business | 6.1 - | ||
| 6.1.0.19 | IV73153 | Apply the following interim fix: | |
| 6.1.0-ISS-TAM-IF0020 | |||
| IBM Tivoli Access Manager for e-business | 6.1.1 - | ||
| 6.1.1.17 | IV73150 | Apply the following interim fix: | |
| 6.1.1-ISS-TAM-IF0018 | |||
| IBM Security Access Manager for Web | |||
| (software-installations) | 7.0 - | ||
| 7.0.0.13 | IV73149 | Apply the following fix pack: | |
| 7.0.0-ISS-SAM-IF0014 | |||
| IBM Security Access Manager for Web | |||
| (appliance-based) | 7.0 - | ||
| 7.0.0.12 | IV73146 | 1) Apply the following fix pack: | |
| 7.0.0-ISS-WGA-FP0012 |
- You can then apply the following interim fix:
IBM Security Access Manager for Web
(appliance-based)| 7.0.0.12
7.0.0.13| IV73146| Apply the following interim fix:
7.0.0-ISS-WGA-IF0014
IBM Security Access Manager for Web| 8.0 -
8.0.1.1| IV73137| 1) Apply the following fix pack:
8.0.1-ISS-WGA-FP0002
- You can then apply the following interim fix:
8.0.1.2-ISS-WGA-IF0003
IBM Security Access Manager for Web| 8.0.1.2| IV73137| Apply the following interim fix:
For Tivoli Access Manager for e-business 5.1, IBM recommends upgrading to a fixed, supported version/release/platform of the product.
Post-installation instructions
After you have applied the interim fix packages described above, you need to review your environment to check whether your environment is configured to use RC4 ciphers.
Review the details below to determine whether you need to update the configuration in your environment to avoid any exposure to this vulnerability:
Vulnerabilities have been identified in many of the available ciphers. Here is a list of the remaining ciphers that are not affected by these known vulnerabilities. These ciphers are stated in no particular order. You can use one or more of these ciphers as you work through the configuration details included in this tech note.
Table One: SSLv3, TLSv10, TLSv11 (GSKit 7 & GSKit 8)
| Long name | Cipher number |
|---|---|
| TLS_RSA_WITH_3DES_EDE_CBC_SHA | 0A |
| TLS_RSA_WITH_AES_128_CBC_SHA | 2F |
| TLS_RSA_WITH_AES_256_CBC_SHA | 35 |
Table Two: TLSv12 (GSKit 8 only)
Long name
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
_Mitigation for all TAMeb versions and ISAM for Web 7.0 software version _
1). Download the latest version of GSKit, 7.0.5.6 or 8.0.50.42, for your currently installed TAMeb or ISAM version -
- IBM Security Access Manager for Web 7.0.0 (Software)****
- Tivoli Access Manager for e-business 6.1.1
- Tivoli Access Manager for e-business 6.1.0****
- Tivoli Access Manager for e-business 6.0.0****
2). Shutdown all running instances of WebSEAL on the machine for which these instructions are to be followed.
3). For all ISAM and TAMeb versions. For all machines hosting WebSEAL if the following environment variables have been set –
GSK_V2_CIPHER_SPECS
GSK_V3_CIPHER_SPECS
Remove all references of the following cipher numbers, which have known vulnerabilities –
01 02 03 04 05 06 09 62 64
**Note:**You can configure your environment to use of one or more of the ciphers listed in the tables at the start of this tech note.
4). For ISAM 7.0 only. For each instance of WebSEAL, under the** [ssl]stanza, remove all references to RC4 ciphers from both the gsk_attr_name and thejct_gsk_attr_name **attributes:
Long Name
-----------------------------------
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
Note - Any instance of the above ciphers should be removed. You can configure your environment to use one or more of the ciphers listed in the tables at the start of this tech note.
5). Update the following Policy Server configuration files: ldap.conf andactivedir_ldap.conf. Update the following configuration entries to ensure that there are no references to RC4 ciphers.
Configure the following entries to use one or more of the ciphers listed in the tables at the start of this tech note.
[ldap]
ssl-tls-cipher-specs
tls-v12-cipher-specs
Note: Ensure that you remove any references to the following cipher numbers -
01 02 03 04 05 06 09 62 64
[uraf-registry]
ssl-tls-cipher-specs
tls-v12-cipher-specs
Note: Ensure that you remove any references to the following ciphers:
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
Note: For these updates to take effect, please restart your Policy Server.
6). For all TAMeb and ISAM versions. For all instances of WebSEAL, if the GSKit environment variables have been correctly configured as outlined in step two above and the value of thessl-qop-mgmt within the WebSEAL configuration file is currently set to “No” or “False” then no additional actions are required., skip to Step 7.
For all instances of WebSEAL, if the ssl-qop-mgmtattribute is set to “Yes” or “True”, configure the default configuration entries in the [ssl-qop-mgmt-default] stanza to ensure that you remove any vulnerable ciphers.Note: Do not use a setting of ‘ALL’.
Ensure that the following ciphers are not present in the configured ciphers:
default = RC4-40
default = RC2-40
default = DES-56
default = DES-56-62
default = RC4-56
default = RC4-128
default = RC2-128
7). For all instances of WebSEAL, if not already done, set the following environment variable during the start up process for WebSEAL-
GSK_STRICTCHECK_CBCPADBYTES = GSK_FALSE
**
Important** - If this environment variable is already set then it can remain in place. It should not have any effect on this mitigation plan.
8). Upgrade to GSKit, 7.0.5.6 or 8.0.50.42, using the instructions provided in the readme of their respective releases.
9). Restart all instances of WebSEAL.
_Mitigation for all ISAM for Web 7.0 and 8.0 appliance versions _
Note: It is important that you explicitly set values for all of these entries so that the default ciphers are not used. The list of default ciphers on the appliance includes some of the RC4 ciphers that are affected by this vulnerability. To mitigate this vulnerability, you must set all of the configuration entries that are described in the following steps.
1). Update to the latest interim fixes for your product version -
- IBM Security Access Manager for Web 8.0.1.2 IF0002
- IBM Security Access Manager for Mobile 8.0.1.2 IF0002
- IBM Security Access Manager for Web (WGA) 7.0.0 IF0014
- IBM Single Sign On for Bluemix v2 Identity Bridge 8.0.1.2 IF0002****
Note: Before applying the interim fixes, you must first ensure that you are running the latest fix pack level.
2). Shut down all instances of the Reverse Proxy hosted by the appliance where these instructions are to be followed.
3). For each of the instance of Reverse Proxy open its configuration file using the following instructions:
1. Select ‘Secure Web Settings -> Reverse Proxy’ from the menu bar;
2. Select the Reverse Proxy instance;
3. Select ‘Manage -> Configuration -> Edit Configuration File’ from the menu
4). For each instance of Reverse Proxy, under the **[ssl]stanza, remove all references to RC4 ciphers from both the gsk_attr_name and thejct_gsk_attr_name **attributes:
Long Name
-----------------------------------
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
Note - Any instance of the above ciphers should be removed.****Configure your environment to use one or more of the ciphers listed in the tables at the start of this tech note.
5). On the Runtime Component management page, select ‘Manage -> Configuration Files -> ldap.conf’.
Update the following configuration entries to use one or more of the ciphers listed in the tables at the start of this tech note.
[ldap]
ssl-tls-cipher-specs
tls-v12-cipher-specs
Ensure that you remove any references to the following cipher numbers -
01 02 03 04 05 06 09 62 64
- On the Runtime Component management page, select ‘Manage -> Configuration Files -> activedir_ldap.conf’.
Update the following configuration entries to ensure that there are no references to RC4 ciphers. You can use one or more of the ciphers listed in the tables at the start of this tech note.
[uraf-registry]
ssl-tls-cipher-specs
tls-v12-cipher-specs
Ensure that you remove any references to the following ciphers:
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_DES_CBC_SHA
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
TLS_RSA_WITH_NULL_SHA
TLS_RSA_WITH_NULL_MD5
TLS_RSA_WITH_NULL_SHA256
TLS_ECDHE_RSA_WITH_NULL_SHA
TLS_ECDHE_ECDSA_WITH_NULL_SHA
Note: For these updates to take effect, please restart your Policy Server.
7). For all instances of the Reverse Proxy, if the ssl-qop-mgmtattribute is set to “Yes” or “True”,
configure the default configuration entries in the [ssl-qop-mgmt-default] stanza to ensure that vulnerable ciphers are removed.Note: Do not use a setting of ‘ALL’.
Ensure that the following ciphers are not present in the configured ciphers:
default = RC4-40
default = RC2-40
default = DES-56
default = DES-56-62
default = RC4-56
default = RC4-128
default = RC2-128
8). For each instance of Reverse Proxy if not already set, set the following attribute and value under the [ssl] stanza -
gsk-attr-name = enum:471:0
jct-gsk-attr-name = enum:471:0
**
Note** - If this attribute is already set to then this can remain in place. It should not have any affect for the mitigation plan.
9). For each instance of Reverse Proxy save and deploy the changes.
10). Apply the appliance fix pack using the following instructions -
i). Click Manage, and then click Fix Packs.
ii). In the Fix Packs pane, click New.
iii). In the Add Fix Pack window, click Browse to locate the fix pack file, and then click Open.
iv). Click Submit to install the fix pack.
11). Once the appliance has restarted, verify that all Reverse Proxy servers are restarted successfully.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| tivoli access manager for e-business | eq | any |
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N