ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
CVSSv2 score: 4.30 at SUSE
Response: The flaw exists but is not exploitable (in AM by default)
It is possible for external clients to make SSL connections to the AM database however this is not the default configuration. Customers who require this access and who are willing to assume the risks need to:
create a special user for access (termed a “read-only” user because they have read-only access to a limited set of tables in the database (all sensitive data is encrypted as well)).
open the firewall port for access to the database - normally this is always blocked.
connect with their own client (possibly obtained from Postgres).
For this connection (if enabled) AM will use a vulnerable 1.0.1 version of the OpenSSL library but the issue is not exploitable in the default AM configuration.
Note that there is also an OpenSSL version 0.9.8 installed on the appliance but this is not vulnerable to this issue and not used for SSL connections.
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.
CVSSv2 score: 7.12 at SUSE
Response: The flaw does not exist
The RSA Authentication Manager does not use a vulnerable version of OpenSSL.
Read and use the information in this RSA Security Advisory to assist in avoiding any situation that might arise from the problems described herein. If you have any questions regarding this product alert, contact RSA Software Technical Support at 1- 800 995 5095. RSA Security LLC and its affiliates, including without limitation, its ultimate parent company, EMC Corporation, distributes RSA Security Advisories in order to bring to the attention of users of the affected RSA products, important security information. RSA recommends that all users determine the applicability of this information to their individual situations and take appropriate action. The information set forth herein is provided 'as is' without warranty of any kind. RSA disclaims all warranties, either express or implied, including the warranties of merchantability, fitness for a particular purpose, title and non-infringement. In no event, shall RSA, its affiliates or suppliers, be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if RSA, its affiliates or suppliers have been advised of the possibility of such damages. Some jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, so the foregoing limitation may not apply.