The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affect IBM Security Proventia Network Active Bypass
CVEID: CVE-2015-4000
DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as “Logjam”.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103294> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
**Products:**ABYP-0T-0S-4L-P, ABYP-0T-0S-4L-P-M, ABYP-0T-2S-2L-P, ABYP-0T-2S-2L-P-M, ABYP-0T-4S-0L-P, ABYP-0T-4S-0L-P-M, ABYP-10G-2SR-2LR-1-P, ABYP-10G-2SR-2LR-1-P-M, ABYP-10G-4LR-1-P, ABYP-10G-4LR-1-P-M, ABYP-10G-4SR-1-P, ABYP-10G-4SR-1-P-M, ABYP-2T-0S-2L-P, ABYP-2T-0S-2L-P-M, ABYP-2T-1S-1L-P, ABYP-2T-1S-1L-P-M, ABYP-2T-2S-0L-P, ABYP-2T-2S-0L-P-M, ABYP-4T-0S-0L-P, ABYP-4T-0S-0L-P-M, ABYP-4TL-P, ABYP-4TL-P-M, ABYP-4TS-P, ABYP-4TS-P-M
**Firmware Versions: **
1G NAB - 2.15-36, 2.16-37, 2.18-43, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57
, 3.29-9
10G NAB - 1.0.1876, 1.0.2919, 0343c3c, 2.11-28, 2.13-34, 2.15-36, 2.18-42, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57
, 3.29-9
The following IBM Thread Updates have the fixes for these vulnerabilities:
Product | Version | _Remediation/First Fix _ |
---|---|---|
_IBM Security Proventia Network Active Bypass _ | 1G NAB - 2.15-36, 2.16-37, 2.18-43, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9 | Proventia 1G NAB Update 16 (fw3.30-12) |
_IBM Security Proventia Network Active Bypass _ | 10G NAB - 1.0.1876, 1.0.2919, 0343c3c, 2.11-28, 2.13-34, 2.15-36, 2.18-42, 3.4-23, 3.9-34, 3.13-41, 3.18-49, 3.25-57, 3.29-9 | Proventia 10G NAB Update 13 (fw3.30-12) |
NOTE: To complete remediation of the vulnerability, it is necessary to perform regeneration of the appliance certificates following installation of the fix above. This process will take up to 60 minutes to complete, and the appliance will perform a reboot.
The procedure can be perfomed in one of two ways:
a) Console(Admin Menu)
Proventia_NAB> system generate-Diffie-Hellman-group
OR
b) LMI
System–>Settings–> Generate Diffie Hellman group
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm security network active bypass | eq | 3.0 |