This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy

Security Advisory- Risk of Password Being Cracked Due to DES Encryption Algorithm

  • SA No:Huawei-SA-20120827-01-CX600
  • Initial Release Date: Aug 27, 2012
  • Last Release Date: Aug 16, 2013

In multiple Huawei products, DES encryption algorithm is used for password and the encryption is not strong enough so it may be cracked (HWNSIRT-2012-0820).

This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2012-4960.

Temporary fix for this vulnerability is available. Huawei has made the version plan to resolve this vulnerability.

1、         Involved versions:

Affected product

Affected version

NE5000E

V300R007

V800R002

MA5200G

V200R003

V300R003

NE40E/80E

V300R003

V600R001 V600R002 V600R003(excluding
V600R003C00SPCA00)

ATN

V200R001C00, V200R001C01

NE40/NE80

V300R005

NE20E-X6

V600R003

NE20

V200R005

ME60

V100R005 V100R006 V600R002 V600R003
V600R005C00SPC600

CX600

V200R002 V600R001 V600R002 V600R003
(excluding V600R003C00SPCA00)

CX200/CX300

V100R005

ACU

V100R003C01SPC100

V200R001C00SPC100

V200R001C00

WLAN AC 6605

V200R001C00

V200R001C00SPC100

S9300

V100R001 V100R002 V100R003 V100R006

S7700

V100R003 V100R006

S2300/S3300/S5300

V100R002 V100R003

S2300/S3300/S5300/S2700/S3
700/S5700

V100R005

S2300/S3300/S5300/S3300HI/
S5300HI/S5306/S6300/S2700/
S3700/S5700/S6700

V100R006C00
V100R006C01

AR G3

V200R001C00

V200R001C01

V200R002C00SPC200

H3C AR(OEM IN)

AR x9 series R2209 and earlier versions

AR 19/29/49

R2207 and earlier versions

Eudemon100E

V200R007

Eudemon200

V200R001

Eudemon300&500&1000

V200R006C02 and earlier versions

Eudemon1000E-U/USG5300

V200R001 and earlier versions

Eudemon1000E-X/USG5500

V200R002 and earlier versions

Eudemon8080E&8160E/USG9300

V100R003C00 and earlier versions

Eudemon8000E-X/USG9500

V200R001C00SPC600 and earlier versions

E200E-C&X3&X5&X7/USG2200&5100

V200R003C00 and earlier versions

E200E-B&X1&X2/USG2100

V100R005C01 and earlier versions

SVN5300

V100R001C01B019

SVN2000&5000 series

V200R001C00

SVN3000

V100R002C02SPC802B041

NIP100/200/1000

V100R001

NIP2100&2200&5100

V100R001C00

 

If attackers acquire the encryption file, they may crack the DES encryption algorithm to get the password.

The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).

Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

Temporal Score: 5.6(E:F/RL:T/RC:C)

Prerequisite:

The attacker can log in to the device, and has privilege to get configuration with encrypted passwords.

Procedures:

The attacker acquires the user password stored by encryption and crack DES encryption algorithm to get the password in clear text.

Impact:

The attacker acquires the password. 

1. Enhance the remote login management to the equipment and only allow login within the operator’s management network.

2. Strictly manage the accounts privilege.

3. Change the password regularly.


1.Abandon DES algorithm and adopt AES256 algorithm.

Version upgrade information and upgrade date:

Affected product

Solved version

Solved time

NE5000E

V800R003C00

09.19.2012

ATN

V200R001C02

08.20.2012

NE40E&NE80E

V600R003C00SPCA00
V600R005C00

09.15.2012

CX600

V600R003C00SPCA00
V600R005C00

09.15.2012

ME60

V600R005C00

09.15.2012

AR 19/29/49

R 2209 and later version

03.09.2012

ACU

V200R002

08.31.2012

WLAN AC 6605

V200R002

08.31.2012

S3300HI/S5300/S6300/S3700HI/
S5700/S6700

V200R001C00

08.31.2012

S9300/S9300E/S7700/S9700

V200R001C00

08.31.2012

S2300/S3300/S2700/S3700

V100R006C03

08.31.2012

AR G3

Release version: V200R002C01SPC200
Cold patch: V200R002SPC002

08.31.2012

H3C AR(OEM IN)

AR x8 series; AR x9 series
R2209 and the later version

03.30.2012

Eudemon100E

E200E-X  V300R001C00SPC600

08.31.2012

Eudemon200

Eudemon300&500&1000

Eudemon1000E-U/USG5300

Eudemon 1000E-X/USG5500
V300R001C00SPC600

08.31.2012

Eudemon1000E-X/USG5500

Eudemon8080E&8160E/USG9300

Eudemon8000E
V200R001C00SPC800/
V200R001C01SPC500

07.30.2012

Eudemon8000E-X/USG9500

USG2200&5100

V300R001C00SPC600

08.31.2012

USG2100

V300R001C00SPC100

08.31.2012

SVN5300

SVN5500(product
replacement)

02.28.2012

SVN2000&5000 series

V200R001C01SPC200

06.20.2012

SVN3000

SVN2260 V200R001C01SPC200

06.20.2012

NIP100/200/1000

NIP5100/NIP2200/NIP210
0 V100R001C01(product
replacement)

07.30.2012

NIP2100&2200&5100

V100R001C01SPC200

07.30.2012

 


Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades. For TAC contact information, please refer to Huawei worldwide website at http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm.


This vulnerability is reported by Emaze Networks. The Huawei PSIRT is not aware of any malicious use launch to attack through the vulnerability described in this advisory.

For security problems about Huawei products and solutions, please contactPSIRT@huawei.com.

For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance.


2012-8-27 V1.0 INITIAL

2012-10-08 V1.1 Update

2012-11-07 V1.2 Update

2012-12-17 V1.3 Update

2013-8-16 V1.4 Update Update affect product list

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.


Complete information for providing feedback on security vulnerability of Huawei products, getting support for Huawei security incident response services, and obtaining Huawei security vulnerability information, is available on Huawei's worldwide website at http://www.huawei.com/en/security/psirt/.