TLS: Diffie-Hellman Key Exchange Insufficient DH Group Strength Vulnerability

Description

Vulnerability Description: The SSL/TLS service offers Diffie-Hellman key exchange with groups of insufficient strength, i.e., a DH group (modulus) size of less than 2048 bits.

Evidence: rpc12620.corp.acme.org

Impact: An attacker might be able to decrypt the SSL/TLS communication offline.


Acceptance / Success Criteria

None


Activity

Alberto February 22, 2022 at 7:41 PM

Back ported configuration from current branch

Alberto February 16, 2022 at 3:56 PM

PR:4265

Alberto February 13, 2022 at 3:47 PM

Added PR: 4240:

Excluded DHE weak ciphers from the jetty configuration in foundation-2021.

Branch develop already has a wider exclusion list in jetty.xml and I was wondering if that would be a better option. I tested using this PR and using the develop configuration as well against jdk 8 and 11.

PR results output:

PORT     STATE SERVICE
8443/tcp open  https-alt
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA256 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|_  least strength: A

Develop results output:

PORT     STATE SERVICE
8443/tcp open  https-alt
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|_  least strength: A

Looks like all vulnerabilities against CBC have been fixed in TLS1.2; however, there are a couple of CBC ciphers that have some SHA vulnerabilities, and the recommendation is to use GCM instead.
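The two nmap listings above are the evidence that the DHE suites are gone. The following is an added example, not code from this ticket or from the project's PRs: a small Python checker that parses ssl-enum-ciphers output and reports finite-field DHE suites whose group is below the 2048-bit threshold from the description, plus the remaining CBC suites the comment mentions. The BEFORE_FIX sample is constructed to resemble a host still offering 1024-bit DHE; AFTER_FIX mirrors the develop output above. Function names and the 2048-bit threshold constant are this example's own.

```python
import re

# Constructed sample output in ssl-enum-ciphers layout. BEFORE_FIX imitates a
# host that still offers DHE suites backed by a 1024-bit group (the finding
# in this ticket); AFTER_FIX mirrors the post-fix "develop" listing above.
BEFORE_FIX = """\
PORT     STATE SERVICE
8443/tcp open  https-alt
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 1024) - A
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 1024) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|_  least strength: A
"""

AFTER_FIX = """\
PORT     STATE SERVICE
8443/tcp open  https-alt
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|_  least strength: A
"""

# Threshold from the ticket description: DH groups below 2048 bits are weak.
MIN_DH_BITS = 2048

# One cipher line: suite name, key-exchange type, optional bit size, nmap grade.
# Examples: "(dh 1024)", "(rsa 2048)", "(secp256r1)", "(ecdh_x25519)".
CIPHER_LINE = re.compile(
    r"^(TLS_[A-Z0-9_]+)\s+\(([a-z0-9_]+)(?:\s+(\d+))?\)\s+-\s+[A-F]"
)


def parse_ciphers(output):
    """Yield (suite, kex_type, bits) for every cipher line in the output.

    Leading "|", "|_" and whitespace are stripped first, so both nmap's native
    layout and copies that lost the pipe prefixes (as in this ticket) parse.
    bits is None when nmap prints only a named curve.
    """
    for raw in output.splitlines():
        match = CIPHER_LINE.match(raw.lstrip("|_ \t"))
        if match:
            suite, kex, bits = match.groups()
            yield suite, kex, int(bits) if bits else None


def weak_dh_suites(output, min_bits=MIN_DH_BITS):
    """Suites using finite-field DH with a group smaller than min_bits."""
    return [suite for suite, kex, bits in parse_ciphers(output)
            if kex == "dh" and bits is not None and bits < min_bits]


def dhe_suites(output):
    """Every finite-field DHE suite, whatever its group size (the PR excluded all of them)."""
    return [suite for suite, kex, _ in parse_ciphers(output) if kex == "dh"]


def cbc_suites(output):
    """Suites in CBC mode, which the comment above recommends replacing with GCM."""
    return [suite for suite, _, _ in parse_ciphers(output) if "_CBC_" in suite]


def assess(output):
    """Summarise the checks; 'passes' is True only when no weak DH group remains."""
    weak = weak_dh_suites(output)
    return {"weak_dh": weak, "dhe": dhe_suites(output),
            "cbc": cbc_suites(output), "passes": not weak}


if __name__ == "__main__":
    for label, sample in (("before", BEFORE_FIX), ("after", AFTER_FIX)):
        print(label, assess(sample))
```

Run it against a saved `nmap --script ssl-enum-ciphers -p 8443 <host>` listing; the ticket is closable when `passes` is True, and the `cbc` list shows what is left to move to GCM.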

Gabriela Lopez January 10, 2022 at 5:13 PM

Item has been determined to be a low-risk security issue.

Fixed


Created December 10, 2021 at 6:19 AM
Updated December 14, 2022 at 1:07 AM
Resolved February 22, 2022 at 7:41 PM