Security Advisory - Bar Mitzvah Attack Vulnerability in Huawei Products
- SA No:Huawei-SA-20150919-01-RC4
- Initial Release Date: Sep 19, 2015
- Last Release Date: May 05, 2016
A security vulnerability exists in Rivest Cipher 4 (RC4) used by TLS and SSL protocols. RC4 cannot provide sufficient data protection. After listening to an SSL or TLS connection, an attacker can obtain plaintext data by brute force cracking. This vulnerability is also called Bar Mitzvah. (Vulnerability ID: HWPSIRT-2015-03025)
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2015-2808.|
Product Name |
Affected Version |
Resolved Product and Version |
|
E6000 Chassis |
V100R001C00 |
V100R001C00SPC300 |
|
E9000 Chassis |
V100R001C00 |
V100R001C00SPC230 |
|
OceanStor 18500 |
V100R001C00 |
V100R001C20SPC200 |
|
V100R001C10 |
||
|
OceanStor 18800 |
V100R001C00 |
V100R001C20SPC200 |
|
V100R001C10 |
||
|
V100R001C20 |
||
|
V100R001C30 |
||
|
OceanStor 18800F |
V100R001C00 |
V100R001C20SPC200 |
|
V100R001C10 |
||
|
V100R001C20 |
||
|
V100R001C30 |
||
|
OceanStor 9000 |
V100R001C01 |
V100R001C01SPC210 |
|
OceanStor CSE |
V100R002C00LSFM01 |
V100R003C00 |
|
OceanStor HVS85T |
V100R001C00 |
OceanStor 18500 V100R001C20SPC200 |
|
V100R001C30 |
||
|
OceanStor ReplicationDirector |
V100R003C00 |
V100R003C00SPC400 |
|
OceanStor S2600T |
V200R002C00 |
V200R002C20SPC200 |
|
V200R002C10 |
||
|
V200R002C20 |
||
|
V200R002C30 |
||
|
OceanStor S5500T |
V200R002C00 |
V200R002C20SPC200 |
|
V200R002C10 |
||
|
OceanStor S5600T |
V200R002C00 |
V200R002C20SPC200 |
|
V200R002C10 |
||
|
OceanStor S5800T |
V200R001C00SPC800 |
V200R002C20SPC200 |
|
V200R002C00 |
||
|
V200R002C10 |
||
|
OceanStor S6800T |
V200R002C00 |
V200R002C20SPC200 |
|
V200R002C10 |
||
|
OceanStor VIS6600T |
V200R003C10 |
V200R003C10SPC400 |
|
Policy Center |
V100R003C00 |
V100R003C10SPC015 |
|
V100R003C10 |
||
|
Quidway S9300 |
V100R006C00B010 |
V200R007SPH003 |
|
S7700/ 9700/ S12700 |
V200R006 and earlier versions |
V200R007C00SPC500+V200R007SPH003 |
|
V200R007C00SPC500 |
V200R007SPH003 |
|
|
S2700/ S3700 |
V100R006C05 |
V100R006SPH023 |
|
S5700EI/ S5700HI/ S5700SI/ S5710EI/ S5710HI/ S6700 |
V200R005 and earlier versions |
V200R005C00SPC500 |
|
S2750/ S5700LI/ S5700S-LI/ S5720HI |
V200R006C00SPC300 |
V200R006SPH006 |
|
S2750/ S5700LI/ S5700S-LI/ S5720HI/ S5720EI |
V200R007C00SPC500 |
V200R007SPH003 |
|
SMC2.0 |
V100R002C01 |
V100R003C10SPC100 |
|
V100R002C02 |
||
|
V100R002C03 |
||
|
V100R002C04 |
||
|
TE60 |
V100R001C10 |
V100R001C10SPC300 |
|
UltraVR |
V100R003C00 |
V100R003C00SPC200 |
The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).
Base Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Temporal Score: 3.6 (E:F/RL:O/RC:C)1. Prerequisite:
An attacker can sniff and listen to an SSL or TLS connection.
2. Attacking procedure:
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, aka the "Bar Mitzvah" issue.
For security problems about Huawei products and solutions, please contactPSIRT@huawei.com.
For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance.
2016-05-05 V1.1 UPDATE Update the affected product list and fixed version
2015-09-19 V1.0 INITIAL
None
