Operating System:

[WIN][LINUX][AIX]

Published:

12 September 2019

Protect yourself against future threats.

//Service

Early Warning SMS

Receive SMS notifications for the most critical security threats and vulnerabilities.

Read more
Resources > Security Bulletins > ESB-2019.3475 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.3475
  Spectrum Protect Operations Center vulnerable to Logjam (CVE-2015-4000)
                             12 September 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Spectrum Protect
Publisher:         IBM
Operating System:  AIX
                   Linux variants
                   Windows
Impact/Access:     Access Privileged Data         -- Remote/Unauthenticated
                   Provide Misleading Information -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-4000  

Reference:         ASB-2017.0219
                   ASB-2016.0074
                   ASB-2016.0043
                   ASB-2016.0004
                   ASB-2015.0103

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=ibm11073000

- --------------------------BEGIN INCLUDED TEXT--------------------

Spectrum Protect Operations Center vulnerable to Logjam (CVE-2015-4000)

Document Information
More support for: 
IBM Spectrum Protect

Component: 
Operations Center

Software version: 
8.1

Operating system(s): 
AIX; Linux; Windows

Reference #: 
1073000

Modified date: 
10 September 2019

Security Bulletin

Summary

A port used by Operations Center is reported to be vulnerable to Logjam
(CVE-2015-4000).

Vulnerability Details

CVEID: CVE-2015-4000
DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive
information, caused by the failure to properly convey a DHE_EXPORT ciphersuite
choice. An attacker could exploit this vulnerability using man-in-the-middle
techniques to force a downgrade to 512-bit export-grade cipher. Successful
exploitation could allow an attacker to recover the session key as well as
modify the contents of the traffic. This vulnerability is commonly referred to
as "Logjam".
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
103294 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)

Affected Products and Versions

IBM Spectrum Protect Operations Center affected levels are 8.1.3 through 8.1.7.
Note that 7.1 is not affected.

Remediation/Fixes

+-----------------------+----------+-----------+-----------+---------------------------------------------------------------------------------+
|IBM Spectrum Protect   |First     |           |           |                                                                                 |
|Operations Center      |Fixing    |APAR       |Platform   |Link to Fix                                                                      |
|Release                |VRM Level |           |           |                                                                                 |
+-----------------------+----------+-----------+-----------+---------------------------------------------------------------------------------+
|8.1                    |8.1.8     |IT30213    |AIX        |https://www.ibm.com/support/docview.wssuid=ibm10888465                          |
|                       |          |           |Linux      |                                                                                 |
|                       |          |           |Windows    |                                                                                 |
+-----------------------+----------+-----------+-----------+---------------------------------------------------------------------------------+

Workarounds and Mitigations

IBM Spectrum Protect Operations Center 8.1.3 through 8.1.7, can add the
following statements to the java security file (/opt/tivoli/tsm/jre/lib/
security/java.security) to eliminate exposure to this vulnerability:

jdk.certpath.disabledAlgorithms=MD2,MD5,SHA1 usage TLSServer TLSClient
SignedJAR, RSA keySize < 1024, DSA keySize < 1024, EC keySize < 256, DSS
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, DH keySize < 2048, EC keySize
< 256, DSS, 3DES_EDE_CBC, DES, DESede, RC4, MD5, SHA1,
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256,
TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256,
TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, anon, NULL,
GCM
jdk.tls.ephemeralDHKeySize=2048

jdk.tls.rejectClientInitiatedRenegotiation=true

Get Notified about Future Security Bulletins

References

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXXmbyWaOgq3Tt24GAQhJww//Uf9PQg/i3zj6hmoNnRBDnCyDJ07atH0G
OsfwWq9Hde0SEnmhkJlyixlYTlxH+1vogKyaRVAET7w9gzFBMv9pxl8BjJRdT4xN
Iz8Lu39OmcNEhvBlyBxh0OLMcZn7JLfWqRBp5aBTjArBgL7GvGQzU133Vuq7UoXy
yTc1dlCfKo+qjS4ZXGakaQvvz3+0m3O5OZkZ7zgYQkIuEj9yFw8nEDkwsu6twO7a
5+I5ArvA3gsvQOsqvorkwKaeSA4PD8XJrDstcpwb11wGPT3KHx1ws25yevH1jLZl
CgesL2Cy5QYctBkqJl/VpvNKo+ONtqN19DXk3ujGN9Gz83N4KLCtABsZhNjJpF58
PNa65EgZuBDM4MhMKq+/uKbcVKIV2PDIgqQz32qugQt4gHYliLudU1+Pmf8bNNsJ
lyWesxePhOuMeBGp9hyJu1wS7ILs+B8ZhZQnW4sXgv2CxKFmOWiko/59LrcxzEnf
jsD43D9gmLMXhRaJiSKBAZNmWseVRKh4RJgGW66sYbNL6rKPLnaoIGc/66XvIwNO
by6+LpLJAs9hyvD60UxXICePuK2fwR1MpiUJMbA86bbbD4xqkJFEOcJHV/y3/jKl
iL6Gal1eGBiimEFIXq5t9MBsCZTJ3GS8BjdRDomSb81g0SjOsm16iSl4LRsSIWjb
zsd9S0FkEds=
=Tmll
-----END PGP SIGNATURE-----