SSL 3.0 'POODLE' Vulnerability and Attachmate Products

  • 7021975
  • 16-Oct-2014
  • 02-Mar-2018

Environment

All Attachmate products

Situation

A vulnerability has been identified in the SSL 3.0 (SSLv3) protocol, which can be used for encrypted communications. This technical note lists affected Attachmate products and provides links to additional information.

Resolution

Vulnerability Overview

The “POODLE†vulnerability affects all SSL 3.0 connections using ciphersuites with any block cipher encryption algorithm in CBC (Cipher Block Chaining) mode. This allows a man-in-the-middle attacker to capture encrypted data and use a padding weakness in CBC mode ciphers to decrypt the data without the private key used to encrypt it. It is a design flaw in the SSL 3.0 protocol, which cannot be fixed unless the protocol specification is updated. Since the protocol is now 18 years old, and is considered deprecated because of other design weaknesses, we consider the chances of a fix for this vulnerability to be extremely remote. Newer TLS protocols are more secure than SSL 3.0.

The "POODLE" vulnerability is exacerbated by an automatic fallback feature in many older SSL/TLS applications: If a TLS connection attempt is closed by either side, a separate SSL 3.0 connection is attempted. This allows the man-in-the-middle attacker to send disconnects to both sides to downgrade them to SSL 3.0 and, if successful, execute the CBC attack. Thus, SSL libraries (such as OpenSSL) have recently been updated to avoid the automatic fallback mechanism.

Although the attack is primarily directed at browsers and web servers, it also applies to other applications, such as VPNs, FTPS file transfer, etc., where both client and server have implemented the fallback functionality.

Even without the fallback implemented, the CBC padding weakness could be exploited in any explicit SSL 3.0 connection by a man-in-the-middle sniffing the network traffic between clients and servers, and so SSL 3.0 should now be considered a non-secure protocol.

Products May Be Vulnerable by Default

Some components in the following Attachmate products may be subject to the SSL 3.0 “POODLE†vulnerability (CVE-2014-3566) in their default configurations. Please refer to each product’s Security Updates web page for the latest information:

Product
More Info
Verastream Host Integrator
https://support.microfocus.com/security/

Attachmate products containing vulnerable libraries will be updated in upcoming releases to disable the automatic fallback to SSL 3.0.

Products Not Vulnerable by Default

Most of Attachmate’s products that can establish encrypted connections are, by default, not susceptible to the SSL 3.0 “POODLE†vulnerability (CVE-2014-3566) either because they do not automatically fall back to SSL 3.0 if a TLS protocol connection cannot be established, or because they do not use SSL 3.0. These include all currently supported versions of:

Product
Status
Reflection 2014, 2011 products
Not vulnerable by default, though SSL 3.0 could be explicitly configured.
Reflection 14.1 products
Not vulnerable by default, though SSL 3.0 could be explicitly configured.
Reflection for the Web products
Not vulnerable by default, though SSL 3.0 could be explicitly configured. See https://support.microfocus.com/security/.
Reflection Security Gateway products
Not vulnerable by default, though SSL 3.0 could be explicitly configured. See https://support.microfocus.com/security/.
EXTRA!
Not vulnerable by default, though SSL 3.0 could be explicitly configured.
INFOConnect products
Not vulnerable by default, though SSL 3.0 could be explicitly configured.
Reflection for Secure IT Client for Windows
Not vulnerable by default, though SSL 3.0 could be explicitly configured in Reflection FTP Client.
Reflection for Secure IT Server for Windows
Not vulnerable: does not support SSL/TLS; uses SSH protocol.
Reflection for Secure IT Server for UNIX
Not vulnerable: does not support SSL/TLS; uses SSH protocol.
Reflection for Secure IT Web Edition
Not vulnerable by default.
FileXpress Gateway
Not vulnerable by default.
Verastream Process Designer
Not vulnerable; does not use SSL 3.0.
Verastream Terminal Client
Not vulnerable with typical use. See also https://support.microfocus.com/security/.
Verastream Bridge Integrator
Not vulnerable by default.

However, if a SSL 3.0 connection is explicitly configured, the product would be subject to the “POODLE†vulnerability. Refrain from using SSL 3.0 protocol connections unless no other option exists. If no other option exists, strictly controlled network paths should be used to limit such connections between trusted clients and servers.

If products are configured to run in FIPS mode, then SSL 3.0 connections are explicitly disabled. Please refer to your product documentation for instructions on enabling FIPS mode.

You should also ensure that any browsers you use in conjunction with Attachmate products are not subject to this vulnerability.

References

For more information, please refer to the sources listed below:

Status

Security Alert

Additional Information

Legacy KB ID

This article was originally published as Attachmate Technical Note 2750.