Symantec Security ResponseSMNTC-1469OpenSSH Vulnerabilities Jan-Aug 2018
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
SUMMARY
Symantec Network Protection products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can obtain usernames for valid SSH users and cause denial of service through application crashes.
AFFECTED PRODUCTS
Advanced Secure Gateway (ASG)
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 6.6 | Upgrade to 6.6.5.18.
6.7 | Upgrade to 6.7.4.2.
CacheFlow (CF)
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 3.4 | A fix will not be provided. Please switch to a version of ProxySG MACH5 Edition with fixes.
Content Analysis (CA)
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 1.3 | Upgrade to later version with fixes.
2.1 and later | Not vulnerable
Director
CVE |Supported Version(s)|Remediation
All CVEs | 6.1 | Upgrade to a version of MC with the fixes.
Mail Threat Defense (MTD)
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 1.1 | Upgrade to a version of CAS and SMG with the fixes.
Malware Analysis (MA)
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 4.2 | Upgrade to a version of Content Analysis with fixes.
Management Center (MC)
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 2.0, 2.3, 2.4, 3.0 | Upgrade to later release with fixes.
3.1 | Not vulnerable, fixed in 3.1.1.1
PacketShaper (PS)
CVE |Supported Version(s)|Remediation
CVE-2016-10708 | 9.2 | A fix will not be provided. Allot Secure Services Gateway (SSG) is a replacement product for PacketShaper. Switch to a version of SSG with the vulnerability fixes.
PacketShaper (PS) S-Series
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 11.6, 11.9, 11.10 | A fix will not be provided. Allot Secure Services Gateway (SSG) is a replacement product for PS S-Series. Switch to a version of SSG with the vulnerability fixes.
PolicyCenter (PC) S-Series
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 1.1 | A fix will not be provided. Allot NetXplorer is a replacement product for PC S-Series. Switch to a version of NetXplorer with the vulnerability fixes.
ProxySG
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 6.5 | Upgrade to 6.5.10.15.
6.6 | Upgrade to 6.6.5.18.
6.7 | Upgrade to 6.7.4.2.
7.1 and later | Not vulnerable, fixed in 7.1.1.1
Reporter
CVE |Supported Version(s)|Remediation
CVE-2016-10708 | 9.5 | Not vulnerable
10.1, 10.2 | Upgrade to later release with fixes.
10.3 and later | No vulnerable, fixed in 10.3.1.1
CVE-2018-15473 | 9.5 | Not vulnerable
10.1, 10.2, 10.3, 10.4 | Upgrade to later release with fixes.
10.5, 10.6 | Not available at this time
Security Analytics (SA)
CVE |Supported Version(s)|Remediation
CVE-2018-15473 | 7.2, 7.3, 8.0 | Upgrade to later release with fixes.
8.1 and later | Not vulnerable, fixed.
CVE-2018-15919 | 7.2 | Not available at this time
7.3, 8.0 | Upgrade to later release with fixes.
8.1 | Upgrade to 8.1.3.
8.2 and later | Not vulnerable, fixed in 8.2.1
SSL Visibility (SSLV)
CVE |Supported Version(s)|Remediation
All CVEs | 3.10 | Upgrade to later release with fixes.
3.12 | Upgrade to later release with fixes.
4.2 and later | Not vulnerable
Web Isolation (WI)
CVE |Supported Version(s)|Remediation
CVE-2018-15919 | 1.12 | Upgrade to later release with fixes.
1.13, 1.14 | Not available at this time
X-Series XOS
CVE |Supported Version(s)|Remediation
CVE-2016-10708, CVE-2018-15473 | 10.0, 11.0 | A fix will not be provided.
ADDITIONAL PRODUCT INFORMATION
The following products are not vulnerable:
AuthConnector
BCAAA
Cloud Data Protection for ServiceNow
Cloud Data Protection for Oracle CRM On Demand
Cloud Data Protection Integration Server
Cloud Data Protection Communication Server General Auth Connector Login Application
HSM Agent for the Luna SP
IntelligenceCenter
IntelligenceCenter Data Collector
PolicyCenter
ProxyAV
ProxyAV ConLog and ConLogXP
Unified Agent
WSS Mobile Agent
ISSUES
CVE-2016-10708
Severity / CVSSv3 | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) References| SecurityFocus: BID 102780 / NVD: CVE-2016-10708 Impact| Denial of service Description | A flaw in SSH message handling allows a remote attacker to send out-of-sequence NEWKEYS messages and cause an application crash, resulting in denial of service.
CVE-2018-15473
Severity / CVSSv3 | Medium / 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) References| SecurityFocus: BID 105140 / NVD: CVE-2018-15473 Impact| Information disclosure Description | A flaw in user authentication allows a remote attacker to discover usernames for valid users on the target.
CVE-2018-15919
Severity / CVSSv3 | Medium / 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) References| SecurityFocus: BID 105163 / NVD: CVE-2018-15919 Impact| Information disclosure Description | A flaw in GSS2 handling allows a remote attacker to discover usernames for valid users on the target.
MITIGATION
These vulnerabilities can be exploited only through the management interfaces for all vulnerable products. Allowing only machines, IP addresses and subnets from a trusted network to access the management interface reduces the threat of exploiting the vulnerabilities.
REVISION
2021-10-01 ProxySG 7.1 and later releases are not vulnerable because a fix is available in 7.1.1.1.
2021-07-15 A fix for Security Analytics 7.2 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2021-06-01 A fix for MC 3.0 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2021-05-12 A fix for CVE-2018-15919 in SA 8.1 is available in 8.1.3.
2021-02-18 A fix for MC 2.4 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2021-01-15 WI 1.14 is vulnerable to CVE-2018-15919. A fix is not available at this time. Fixes will not be provided for WI 1.12. Please upgrade to a later release with the vulnerability fixes.
2021-01-12 A fix for SSLV 3.10 and SSLV 3.12 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2020-12-09 SA 8.2 is not vulnerable because a fix is available in 8.2.1.
2020-11-30 MC 3.1 is not vulnerable because a fix is available in 3.1.1.1.
2020-11-19 A fix for MTD 1.1 will not be provided. Please upgrade to a version of CAS and SMG with the vulnerability fixes. A fix for SA 7.3 and 8.0 will not be provided. Please upgrade to a later version with the vulnerability fixes. A fix for XOS 9.7, 10.0, and 11.0 will not be provided. A fix for Director 6.1 will not be provided. Please upgrade to a version of MC with the vulnerability fixes. A fix for Reporter 10.4 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2020-08-19 A fix for MC 2.3 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2020-06-01 A fix for CacheFlow will not be provided. Please switch to a version of ProxySG MACH5 Edition with the vulnerability fixes.
2020-04-05 A fix for Management Center 2.2 will not be provided. A fix for CVE-2018-15473 in Reporter 10.3 will not be provided. Please upgrade to later versions with the vulnerability fixes. Management Center 2.4 is vulnerable to CVE-2016-10708 and CVE-2018-15473. Reporter 10.5 is vulnerable to CVE-2018-15473. Security Analytics 8.1 is vulnerable to CVE-2018-15919. Security 8.1 is not vulnerable to CVE-2018-15473 because a fix is available in 8.1.1.
2020-04-04 A fix for PacketShaper S-Series will not be provided. Allot Secure Services Gateway (SSG) is a replacement product for PacketShaper S-Series. Switch to a version of SSG with the vulnerability fixes. A fix for PolicyCenter S-Series will not be provided. Allot NetXplorer is a replacement product for PolicyCenter S-Series. Switch to a version of NetXplorer with the vulnerability fixes.
2020-01-19 A fix for Malware Analysis will not be provided. Upgrade to a version of Content Analysis with the vulnerability fixes.
2019-10-07 WI 1.12 and 1.3 are vulnerable to CVE-2018-15919. A fix is not available at this time.
2019-09-05 A fix for MC 2.1 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2019-08-30 It was previously reported that Reporter 10.3 is vulnerable to CVE-2018-15919. Reporter 10.3 is instead vulnerable to CVE-2018-15473. Reporter 10.4 is also vulnerable to CVE-2018-15473.
2019-08-13 MC 2.2 and MC 2.3 are vulnerable to CVE-2016-10708 and CVE-2018-15473. A fix for MC 2.0 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2019-08-09 A fix for ProxySG 6.5 is available in 6.5.10.15.
2019-08-09 A fix for ASG 6.6 and ProxySG 6.6 is available in 6.6.5.18.
2019-08-06 A fix for Reporter 10.1 and 10.2 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2019-02-04 A fix for CA 1.3 will not be provided. Please upgrade to a later version with the vulnerability fixes.
2019-01-15 A fix for ASG 6.7 and ProxySG 6.7 is available in 6.7.4.2.
2019-01-14 Reporter 10.3 is vulnerable to CVE-2018-15919. It is not vulnerable to CVE-2016-10708 because a fix is available in 10.3.1.1.
2018-11-29 initial public release
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P