OpenSSL Security Vulnerability
CVE-2014-0224

Entrust® Security Bulletin E14-014

June 10, 2014

On June 5, 2014, the OpenSSL team released a security advisory (https://www.openssl.org/news/secadv_20140605.txt) that includes an SSL/TLS man-in-the-middle vulnerability (CVE-2014-0224). This vulnerability allows an attacker in a position to modify traffic between a vulnerable SSL client and vulnerable SSL server to cause them to agree on weak SSL keys. The attacker can then read and manipulate the SSL traffic.

Entrust is currently investigating the impact of this vulnerability on its products.  The following products contain OpenSSL:

  • IdentityGuard ISAPI Filter
  • GetAccess Runtimes
  • Discovery Agent
  • Entelligence Messaging Server
  • TransactionGuard

The following products do not contain OpenSSL, but make use of platform-supplied SSL/TLS libraries that may contain OpenSSL:

  • IdentityGuard Mobile for Android
  • IdentityGuard Mobile SDK for Android
  • IdentityGuard Mobile Smart Credential for Android
  • IdentityGuard Mobile Smart Credential SDK for Android

Entrust products may be deployed in conjunction with third-party software such as web servers that may contain OpenSSL.  Customers should check with vendors of such third-party software to determine whether they are impacted and whether security updates are available.

Please note that the presence of OpenSSL in a particular product does not necessarily indicate that the product is vulnerable to attack.  Additional information on the status of each product listed above will be provided as Entrust’s investigation proceeds.

Entrust customers are urged to implement the changes described in the Corrective Action section below.

Impact of Vulnerability:

The man-in-the-middle attack is only possible when both the client and the server are running a vulnerable version of OpenSSL.  Furthermore, the server must be running a vulnerable version of OpenSSL 1.0.1 or 1.0.2-beta1, as older versions are not vulnerable when functioning as a server.

Details of the impact on each Entrust product enumerated in the Summary section are listed below.

Mitigating Factors:

IdentityGuard ISAPI Filter uses OpenSSL to secure communication between itself and the Authentication Web Application.  Since the Authentication Web Application is hosted on Microsoft IIS, which does not use OpenSSL, the communication between the ISAPI Filter and the Authentication Web Application is not vulnerable to CVE-2014-0224.

Communication between end users and the ISA Server hosting the ISAPI Filter is not vulnerable, as ISA Server does not use OpenSSL.

As a precaution, OpenSSL will be updated in upcoming scheduled releases of IdentityGuard ISAPI Filter.

GetAccess Runtimes:

GetAccess Runtimes can be configured to use OpenSSL to secure communication with GetAccess Server.  But since GetAccess Server does not use OpenSSL for SSL/TLS, the communication between GetAccess Runtimes and GetAccess Server is not vulnerable to CVE-2014-0224.

The web server hosting a GetAccess Runtime may use SSL/TLS when communicating with end users.  Customers should check with their web server vendor to determine whether they are impacted and whether security updates are available.

As a precaution, OpenSSL will be updated in upcoming scheduled releases of GetAccess Runtimes.

Discovery Agent:

Discovery Agent uses OpenSSL to fetch certificates from SSL servers it is scanning upon request from the Discovery application.  Since OpenSSL is not used to perform encrypted or authenticated communication with SSL servers, CVE-2014-0224 does not apply to Discovery Agent’s use of OpenSSL.

As a precaution, OpenSSL will be updated in upcoming scheduled releases of Discovery Agent.

Entelligence Messaging Server:

The impact of CVE-2014-0224 on Entelligence Messaging Server is still being investigated.  Customers of Entelligence Messaging Server will be notified once the impact has been determined.

TransactionGuard:

TransactionGuard uses OpenSSL 0.9.8e to protect the XAdmin application. Since this version of OpenSSL is not vulnerable to CVE-2014-0224 when used as a server, XAdmin is not vulnerable to man-in-the-middle attacks.

As a precaution, OpenSSL will be updated in upcoming scheduled releases of TransactionGuard.

IdentityGuard Mobile for Android:

IdentityGuard Mobile for Android uses Android’s SSL/TLS implementation to secure its communication with the IdentityGuard Self Service Module Transaction Component.  It communicates with the Transaction Component to perform quick activation, as well as to respond to security challenges and transactions.

Transaction Component does not use OpenSSL for SSL/TLS, so direct communication between IdentityGuard Mobile and Transaction Component is not vulnerable to CVE-2014-0224.  However, if Transaction Component has been installed behind a third-party web server, and that web server is running a vulnerable version of OpenSSL 1.0.1 or 1.0.2-beta1, then communication between IdentityGuard Mobile and Transaction Component may be at risk of a man-in-the-middle attack.  If you are running such a web server, please contact the vendor to request a security update.

Google has already committed a fix for CVE-2014-0224 to the Android Open Source Project (AOSP), and it is expected that device manufacturers will release software updates for affected devices.  Please note that such updates are not required to ensure secure communication between IdentityGuard Mobile and Transaction Component; it suffices to ensure that the web server in front of Transaction Component (if any) is not vulnerable.

IdentityGuard Mobile SDK for Android:

IdentityGuard Mobile SDK for Android allows a custom networking implementation to be supplied.  In the event that the default networking implementation is used, IdentityGuard Mobile SDK uses Android’s SSL/TLS implementation to secure its communication with the IdentityGuard Self Service Module Transaction Component.  It communicates with the Transaction Component to perform quick activation, as well as to respond to security challenges and transactions.  In the event that a custom networking implementation is used, then whether or not a vulnerable SSL/TLS implementation is used depends on the details of that implementation.

Transaction Component does not use OpenSSL for SSL/TLS, so direct communication between IdentityGuard Mobile SDK and Transaction Component is not vulnerable to CVE-2014-0224.  However, if Transaction Component has been installed behind a third-party web server, that web server is running a vulnerable version of OpenSSL 1.0.1 or 1.0.2-beta1, and a networking implementation making use of a vulnerable SSL/TLS library is used, then communication between IdentityGuard Mobile SDK and Transaction Component may be at risk of a man-in-the-middle attack.  If you are running such a web server, please contact the vendor to request a security update.

Google has already committed a fix for CVE-2014-0224 to the Android Open Source Project (AOSP), and it is expected that device manufacturers will release software updates for affected devices.  Please note that such updates are not required to ensure secure communication between IdentityGuard Mobile and Transaction Component; it suffices to ensure that the web server in front of Transaction Component (if any) is not vulnerable.

IdentityGuard Mobile Smart Credential for Android:

IdentityGuard Mobile Smart Credential for Android uses Android’s SSL/TLS implementation to secure its communication with the IdentityGuard Self Service Module Transaction Component.  It communicates with the Transaction Component to perform over-the-air encoding, as well as to respond to security challenges and transactions.

Transaction Component does not use OpenSSL for SSL/TLS, so direct communication between IdentityGuard Mobile Smart Credential and Transaction Component is not vulnerable to CVE-2014-0224.  However, if Transaction Component has been installed behind a third-party web server, and that web server is running a vulnerable version of OpenSSL 1.0.1 or 1.0.2-beta1, then communication between IdentityGuard Mobile Smart Credential and Transaction Component may be at risk of a man-in-the-middle attack.  If you are running such a web server, please contact the vendor to request a security update.

Google has already committed a fix for CVE-2014-0224 to the Android Open Source Project (AOSP), and it is expected that device manufacturers will release software updates for affected devices.  Please note that such updates are not required to ensure secure communication between IdentityGuard Mobile and Transaction Component; it suffices to ensure that the web server in front of Transaction Component (if any) is not vulnerable.

IdentityGuard Mobile Smart Credential SDK for Android:

IdentityGuard Mobile Smart Credential SDK for Android allows a custom networking implementation to be supplied.  In the event that the default networking implementation is used, IdentityGuard Mobile SDK uses Android’s SSL/TLS implementation to secure its communication with the IdentityGuard Self Service Module Transaction Component.  It communicates with the Transaction Component to perform over-the-air encoding, as well as to respond to security challenges and transactions.  In the event that a custom networking implementation is used, then whether or not a vulnerable SSL/TLS implementation is used depends on the details of that implementation.

Transaction Component does not use OpenSSL for SSL/TLS, so direct communication between IdentityGuard Mobile Smart Credential SDK and Transaction Component is not vulnerable to CVE-2014-0224.  However, if Transaction Component has been installed behind a third-party web server, that web server is running a vulnerable version of OpenSSL 1.0.1 or 1.0.2-beta1, and a networking implementation making use of a vulnerable SSL/TLS library is used, then communication between IdentityGuard Mobile Smart Credential SDK and Transaction Component may be at risk of a man-in-the-middle attack.  If you are running such a web server, please contact the vendor to request a security update.

Google has already committed a fix for CVE-2014-0224 to the Android Open Source Project (AOSP), and it is expected that device manufacturers will release software updates for affected devices.  Please note that such updates are not required to ensure secure communication between IdentityGuard Mobile and Transaction Component; it suffices to ensure that the web server in front of Transaction Component (if any) is not vulnerable.

Mitigating Factors:

  • There are no known cases involving the exploitation of this vulnerability among Entrust’s customers.
  • IdentityGuard ISAPI Filter, GetAccess Runtimes, Discovery Agent, and TransactionGuard do not use OpenSSL in a way that is vulnerable to CVE-2014-0224.

Corrective Action:

Entrust products may be deployed in conjunction with third-party software such as web servers that may contain OpenSSL.  Customers should check with vendors of such third-party software to determine whether they are impacted and whether security updates are available.

No further action is required for the following Entrust products:

  • IdentityGuard ISAPI Filter
  • GetAccess Runtimes
  • Discovery Agent
  • TransactionGuard

Corrective action for Entelligence Messaging Server, if required, will be provided as the investigation proceeds.

Corrective action is not required for the following products, unless IdentityGuard Self Service Module Transaction Component has been deployed behind a vulnerable web server:

  • IdentityGuard Mobile for Android
  • IdentityGuard Mobile SDK for Android
  • IdentityGuard Mobile Smart Credential for Android
  • IdentityGuard Mobile Smart Credential SDK for Android

Customers should check with the vendor of their web server to determine whether they are impacted and whether software updates are available.

Support:

Entrust customer support is available by phone at our regular support numbers.

© Copyright 2014 Entrust.  All rights reserved.

Entrust is a trademark or a registered trademark of Entrust, Inc. in the United States and certain countries. All Entrust product names and logos are trademarks or registered trademarks of Entrust. All other company and product names and logos are trademarks or registered trademarks of their respective owners in certain countries.

Given the very nature of security vulnerabilities, security bulletins are intended to be kept to a small group of individuals.  Security bulletins are to be distributed within your company only, and only on a need to know basis.

The information in this bulletin is proprietary and confidential to Entrust, Inc. and its subsidiaries, and any disclosure of this information is governed by the confidentiality terms in the agreement pursuant to which you obtained a license for the referred to Entrust products.

The information in this bulletin is provided “as is” by Entrust without any representations, conditions and/or warranties of any kind, whether express, implied, statutory, by usage of trade, or otherwise. Entrust specifically disclaims any and all representations, conditions, and/or warranties of merchantability, satisfactory quality, and/or fitness for a particular purpose. The only representations, conditions and/or warranties that may be applicable to any Entrust products that you may have are those contained in the agreement pursuant to which you obtained a license for those Entrust products.

Revisions:

  • V1.0 (June 5, 2014): Bulletin published.
  • V1.1 (June 10, 2014): Further details added.