Weak cipher vulnerability - Qualys QID 38863

Article ID: 280424


Products

Service Virtualization

Issue/Introduction

We have several vulnerabilities that are related to weak ciphers and need to know how to disable the weak ciphers. Below is a copy of the vulnerability reported.

This is impacting all of the DevTest services: registry, portal, VSE, etc.

QID: 38863
Category: General remote services
Associated CVEs: -
Vendor Reference: -
Bugtraq ID: -
Service Modified: 03/03/2023
User Modified: -
Edited: No
PCI Vuln: Yes
CVSS Base: 4.0
CVSS Temporal: 2.9
CVSS3.1 Base: 4.8
CVSS3.1 Temporal: 4.3
THREAT:
QID Detection Logic:

For an SSL-enabled port, the scanner probes and maintains a list of supported SSL/TLS versions. For each supported version, the scanner does an SSL handshake to get a list of KEX methods supported by the server. It reports all KEX methods that are considered weak and lists all server-supported ciphers for each weak key exchange method supported by the server.

The criteria for a weak KEX method are as follows:
The SSL/TLS server supports key exchanges that are cryptographically weaker than recommended. Key exchanges should provide at least 112 bits of security, which translates to a minimum key size of 2048 bits for Diffie-Hellman and RSA key exchanges or 224 bits for Elliptic Curve Diffie-Hellman key exchanges.

IMPACT:
An attacker with access to sufficient computational power might be able to recover the session key and decrypt session content.
SOLUTION:
Change the SSL/TLS server configuration to only allow strong key exchanges. Key exchanges used on the server should provide at least 112 bits of security, so the minimum key sizes that do not flag this QID are: 2048 bits for Diffie-Hellman (DH) or RSA key exchanges, and 224 bits for Elliptic Curve Diffie-Hellman (ECDH) key exchanges.
COMPLIANCE:
Not Applicable
EXPLOITABILITY:
There is no exploitability information for this vulnerability.
ASSOCIATED MALWARE:
There is no malware information for this vulnerability.
RESULTS:
PROTOCOL  CIPHER NAME                GROUP  KEY-SIZE  FORWARD-SECRET  CLASSICAL-STRENGTH  QUANTUM-STRENGTH
TLSv1.2   DHE-RSA-AES256-GCM-SHA384  DHE    1024      yes             80                  low
TLSv1.2   DHE-RSA-AES128-GCM-SHA256  DHE    1024      yes             80                  low
TLSv1.2   DHE-RSA-AES256-SHA256      DHE    1024      yes             80                  low
TLSv1.2   DHE-RSA-AES128-SHA256      DHE    1024      yes             80                  low
TLSv1.2   DHE-RSA-AES256-SHA         DHE    1024      yes             80                  low
TLSv1.2   DHE-RSA-AES128-SHA         DHE    1024      yes             80                  low
TLSv1.2   EDH-RSA-DES-CBC3-SHA       DHE    1024      yes             80

Environment

All supported DevTest releases.

Cause

The TLS configuration of the JRE bundled with DevTest still allows ephemeral Diffie-Hellman (DHE) key exchange with 1024-bit DH parameters, which provides only about 80 bits of security. Qualys requires at least 112 bits (2048-bit DH), so every DHE cipher suite negotiated with the 1024-bit parameters is reported under QID 38863. The finding is about the key exchange, not the AES/3DES bulk ciphers themselves; the same AES-GCM suites negotiated over ECDHE are not flagged.

Resolution

STEPS TO DISABLE WEAK/UNSAFE KEY LENGTH AND CIPHERS

  1. Edit the file LISA_HOME\jre\lib\security\java.security in a text editor.
  2. Modify the value of the property 'jdk.tls.disabledAlgorithms':
    1. Add the entry DH keySize < 2048, or raise the existing DH keySize entry to 2048 if one is already present. On most JDK releases the shipped default is DH keySize < 1024, which is why 1024-bit DHE parameters are still negotiable. This entry addresses the weak key exchange that Qualys measured. (If you need to keep DHE rather than remove it, the JRE system property jdk.tls.ephemeralDHKeySize selects the size of the DH parameters the server generates; this article takes the simpler route of disabling the DHE suites.)
    2. Also add the cipher suites listed below. Java uses the IANA suite names, so the OpenSSL names in the Qualys result must be translated: DHE-RSA-AES256-GCM-SHA384 is TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, and EDH-RSA-DES-CBC3-SHA is TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, which the 3DES_EDE_CBC entry already covers. Listing the suites removes DHE key exchange altogether rather than only the weak parameters; the ECDHE suites stay enabled and continue to give clients forward secrecy. The DSS variants are harmless to list even though DevTest uses an RSA certificate.

      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,
      TLS_DHE_RSA_WITH_AES_256_CBC_SHA,   
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA,   
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA,   
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA,   
      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
      TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,
      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
      TLS_DHE_DSS_WITH_AES_128_GCM_SHA256

For example, the property could then look like this (a trailing backslash continues the value on the next line, as usual in a Java properties file):

jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
   DH keySize < 2048, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
   include jdk.disabled.namedCurves, \
   TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, \
   TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, \
   TLS_DHE_RSA_WITH_AES_256_CBC_SHA, \
   TLS_DHE_DSS_WITH_AES_256_CBC_SHA, \
   TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, \
   TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, \
   TLS_DHE_RSA_WITH_AES_128_CBC_SHA, \
   TLS_DHE_DSS_WITH_AES_128_CBC_SHA, \
   TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, \
   TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, \
   TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, \
   TLS_DHE_DSS_WITH_AES_128_GCM_SHA256

Save the file and restart all DevTest services (registry, portal, VSE, and any other component that runs from this JRE); the java.security file is read once at JVM start-up, so a service that is not restarted keeps the old settings.

To confirm the change before the next scheduled scan, probe each DevTest port with OpenSSL while offering only DHE suites, for example: openssl s_client -connect host:port -tls1_2 -cipher DHE. After the change the handshake should fail; before it, the output contains a "Server Temp Key: DH, 1024 bits" line, which is exactly what Qualys measured. A rescan should then no longer report QID 38863 for these ports.

Note that the bundled JRE under LISA_HOME\jre may be replaced by a DevTest upgrade or patch, in which case this edit has to be applied again.
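As an added check (example code written for this article, not DevTest or Qualys code), the following Python script parses a java.security file, including the backslash line continuations the property above relies on, and reports for each DHE suite in the scan result whether the JRE would still negotiate it with 1024-bit DH parameters. The OpenSSL-to-IANA name mapping is hand-built for the seven suites in the scan result, and the two property values it runs against are constructed samples, not copied from any installation.

```python
"""Audit a DevTest JRE java.security file for Qualys QID 38863 exposure.

Added example written for this article; it is not DevTest or Qualys code.
It parses jdk.tls.disabledAlgorithms (honouring the trailing-backslash line
continuation used in java.security) and decides, for every DHE suite in the
scan result, whether the JRE would still negotiate it with 1024-bit DH
parameters. Both property values below are constructed samples.
"""
import re

# Qualys reports OpenSSL suite names; java.security wants IANA names.
# Hand-built mapping for the seven suites in the scan result above.
OPENSSL_TO_IANA = {
    "DHE-RSA-AES256-GCM-SHA384": "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "DHE-RSA-AES128-GCM-SHA256": "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "DHE-RSA-AES256-SHA256":     "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
    "DHE-RSA-AES128-SHA256":     "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
    "DHE-RSA-AES256-SHA":        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "DHE-RSA-AES128-SHA":        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    "EDH-RSA-DES-CBC3-SHA":      "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
}
REPORTED_DH_BITS = 1024  # KEY-SIZE column of the Qualys result


def parse_java_security(text):
    """Return {key: value}; joins backslash-continued lines, skips # and ! comments."""
    props, logical = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if logical is None:
            if not line or line[0] in "#!":
                continue
            logical = ""
        if line.endswith("\\"):
            logical += line[:-1]  # continuation: keep accumulating
            continue
        key, sep, value = (logical + line).partition("=")
        if sep:
            props[key.strip()] = value.strip()
        logical = None
    return props


def disabled_entries(text):
    """Split jdk.tls.disabledAlgorithms into its comma-separated entries."""
    value = parse_java_security(text).get("jdk.tls.disabledAlgorithms", "")
    return [e.strip() for e in value.split(",") if e.strip()]


def dh_min_keysize(entries):
    """Smallest DH parameter size the JRE still accepts, or None if unconstrained."""
    for entry in entries:
        m = re.fullmatch(r"DH\s+keySize\s*(<=?)\s*(\d+)", entry, re.IGNORECASE)
        if m:
            bits = int(m.group(2))
            return bits + 1 if m.group(1) == "<=" else bits
    return None


def audit(text, dh_bits=REPORTED_DH_BITS):
    """Map each reported suite to True when the JRE would now refuse it."""
    entries = disabled_entries(text)
    upper = {e.upper() for e in entries}
    min_dh = dh_min_keysize(entries)
    dh_blocked = min_dh is not None and dh_bits < min_dh  # keySize constraint
    result = {}
    for openssl_name, iana in OPENSSL_TO_IANA.items():
        by_suite = iana in upper  # suite named explicitly
        by_3des = "3DES_EDE_CBC" in upper and "3DES_EDE_CBC" in iana  # keyword hits every 3DES suite
        result[openssl_name] = dh_blocked or by_suite or by_3des
    return result


# Constructed "before": only DH below 1024 bits is refused, so the scanned
# 1024-bit DHE handshakes (and 3DES) all succeed.
BEFORE = r"""
# comment lines are ignored
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 1024, \
    EC keySize < 224, anon, NULL
"""

# Constructed "after", shortened from the Resolution section above.
AFTER = r"""
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, RC4, DES, MD5withRSA, \
   DH keySize < 2048, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
   include jdk.disabled.namedCurves, \
   TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, \
   TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
"""

if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else AFTER
    for suite, blocked in audit(text).items():
        print(f"{suite:28} {'blocked' if blocked else 'STILL NEGOTIABLE'}")
```

Pointing the script at the live file (python audit_java_security.py LISA_HOME\jre\lib\security\java.security) lists which of the scanned suites remain negotiable. It only reads the configuration; the authoritative check is still an openssl s_client probe of each DevTest port, or a rescan, after the services have been restarted.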