Security Advisory Relating to Multiple OpenSSL Vulnerabilities on Various Polycom Products.



Similar documents
Security Advisory Relating to OpenSSL Vulnerability Heartbleed on Various Polycom Products

Security Advisory Relating to OpenSSL Vulnerability Heartbleed on Various Polycom Products

Product Documentation. Preliminary Evaluation of the OpenSSL Security Advisory (0.9.8 and 1.0.1)

Security Slots on Polycom SoundPoint IP, SoundStation IP, SoundStation Duo and VVX Series Phones

GETTING STARTED GUIDE. 1.3 September D. Polycom RealAccess

Syslog on Polycom Phones

Using the Unified Call Appearance List

Technical Bulletin 5844

Device Certificates on Polycom Phones

Connectivity to Polycom RealPresence Platform Source Data

Using Enhanced Feature Keys and Configurable Soft Keys on Polycom Phones

Using Feature Synchronized Automatic Call Distribution with Polycom Phones

Using Multiple Appearance Directory Number - Single Call Appearance with Polycom Phones

Information on Syslog For more information on syslog, see RFC Released: December 2006 Interoperability issues: None. Table 1: Syslog at a Glance

Using Premium Automatic Call Distribution for Call Centers

Polycom RealPresence Access Director System

Deploying and Configuring Polycom Phones in 802.1X Environments

Polycom RSS 4000 / RealPresence Capture Server 1.6 and RealPresence Media Manager 6.6

Customizing the Display Background on Polycom VVX Business Media Phones

Polycom Unified Communications in RealPresence Access Director System Environments

RealPresence Platform: Installation, Configuration and Troubleshooting - RPIIT202

Provisioning with the Master Configuration File

Accessibility Features on Polycom Phones

Configuring Optional Re-Registration on Failover Behavior

Polycom RealPresence DMA 7000 System, Virtual Edition

Edgewater Networks with Polycom RealPresence Platform and Phones

WHITEPAPER. February A. RealPresence One. Product Definition and Licensing. Polycom, Inc. 0

Broadcasting Audio Messages with Group Paging and Push-to-Talk

RealPresence Platform Director

Release Notes for Epilog for Windows Release Notes for Epilog for Windows v1.7/v1.8

Technical Bulletin 11572

Broadcasting Audio Messages with Group Paging and Push-to-Talk

Supporting the Calendar, Instant Messaging, and Presence Features on Polycom Phones

Deploying Polycom SoundStation IP Conference Phones with Cisco Unified Communications Manager (CUCM)

How to Provision a Polycom Phone

RealPresence Resource Manager System

Polycom Unified Communications in RealPresence Access Director System Environments

Polycom RealPresence Access Director System

Polycom Recommended Best Security Practices for Unified Communications

A POLYCOM WHITEPAPER Polycom. Recommended Best Security Practices for Unified Communications

Engineering Advisory Power Consumption and Management on Polycom Phones

Dell One Identity Cloud Access Manager How to Configure vworkspace Integration

Polycom RealPresence DMA 7000 System, Virtual Edition

Using custom certificates with Spectralink 8400 Series Handsets

Polycom VVX 300, 310, 400 and 410 Business Media Phone

Polycom Unified Communications Deployment Guide for Microsoft Environments

Polycom RealPresence Content Sharing Suite

How To Use A Presence Desktop On A Pc Or Mac Or Ipad (For A Non-Profit) For Free

Polycom recommends that all legacy phones be updated to the most recent patch of their last supported SIP and BootROM software versions.

Getting Started Guide Polycom RealPresence Resource Manager System, Appliance Edition

SECURITY COMPARISON BETWEEN IBM WEBSPHERE MQ 7.5 AND APACHE ACTIVEMQ 5.9

Specific recommendations

Deployment Guide for the Polycom SoundStructure VoIP Interface for Cisco Unified Communications Manager (SIP)

Using Polycom VVX Business Media Phones with Microsoft Lync Server 2013

INSTANT MESSAGING SECURITY

Dell One Identity Cloud Access Manager How to Configure for High Availability

Polycom RealPresence DMA 7000 System

SPECIFIC TERMS AND CONDITIONS ON THE RENTAL OF A DEDICATED SERVER

RealPresence Resource Manager System

Streamlining Web and Security

SPECIFIC TERMS AND CONDITIONS ON THE RENTAL OF A KS (KIMSUFI) DEDICATED SERVER

Polycom RealPresence Content Sharing Suite

The Business Case for Security Information Management

SECURITY ADVISORY. December 2008 Barracuda Load Balancer admin login Cross-site Scripting

Security Guide. BES12 Cloud

Polycom RealPresence Content Sharing Suite Quick User Guide

PortSIP Encryption Relay Server Deployment Guide

Dell One Identity Cloud Access Manager How To Deploy Cloud Access Manager in a Virtual Private Cloud

Self Help Guides. Create a New User in a Domain

Polycom RealPresence Content Sharing Suite

Polycom Unified Communications Deployment Guide for Microsoft Environments

User Guide for Paros v2.x

Security Analytics Engine 1.0. Help Desk User Guide

External Supplier Control Requirements

Boundary Encryption.cloud Deployment Process Overview

Understanding Wireless Security on Your Polycom SpectraLink 8400 Series Wireless Phones

Managing for the Long Term: Keys to Securing, Troubleshooting and Monitoring a Private Cloud

Self Help Guides. Setup Exchange with Outlook

Polycom Unified Communications Deployment Guide for Cisco Environments

Dell Spotlight on Active Directory Server Health Wizard Configuration Guide

Reverse Proxy Three Myths Busted

AN OVERVIEW OF VULNERABILITY SCANNERS

Dell InTrust Preparing for Auditing Cisco PIX Firewall

How To Secure An Rsa Authentication Agent

Polycom Unified Communications for Microsoft Environments

Polycom Visual Communications Architecture and Design Guide

Dell Unified Communications Command Suite - Diagnostics 8.0. Data Recorder User Guide

Using Self Certified SSL Certificates. Paul Fisher. Quest Software. Systems Consultant. Desktop Virtualisation Group

Understanding Enterprise Cloud Governance

IBM Lotus Protector for Mail Encryption

S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010

SSA : Multiple Vulnerabilities in WinCC flexible and WinCC V11 (TIA Portal)

Update Configuration. Reboot Phone To upload files to assist in diagnostics, you can choose:

Introduction. Purpose. Background. Details

Dell One Identity Cloud Access Manager How to Configure Microsoft Office 365

Transcription:

SECURITY BULLETIN - Multiple CVEs Relating to OpenSSL Bulletin Version 1.2 Security Advisory Relating to Multiple OpenSSL Vulnerabilities on Various Polycom Products. DATE PUBLISHED: This information applies to all Polycom products running OpenSSL versions 0.9.8 through 0.9.8y, 1.0.0 through 1.0.0l (lowercase L), 1.0.1 through 1.0.1g. Please Note: This is a living document, updated regularly until any product affected by any of the vulnerabilities in this bulletin has been repaired against that vulnerability. The newest version of this document will always reside at the following URL: http://support.polycom.com/polycomservice/support/us/support/documentation/security_center.html Vulnerability Summary Vulnerabilities in OpenSSL could allow a remote attacker to expose sensitive data, inject data across sessions, or perform a denial of service. Details SSL/TLS MITM vulnerability An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server. The attack can only be performed between a vulnerable client *and* server. OpenSSL clients are vulnerable in all versions of OpenSSL. Servers are only known to be vulnerable in OpenSSL 1.0.1 and 1.0.2-beta1. Users of OpenSSL servers earlier than 1.0.1 are advised to upgrade as a precaution. This exploit is consistent with CVE-2014-0224. DTLS recursion flaw By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. Only applications using OpenSSL as a DTLS client are affected.

This exploit is consistent with CVE-2014-0221. DTLS invalid fragment vulnerability A buffer overrun attack can be triggered by sending invalid DTLS fragments to an OpenSSL DTLS client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. Only applications using OpenSSL as a DTLS client or server affected. This exploit is consistent with CVE-2014-0195. SSL_MODE_RELEASE_BUFFERS NULL pointer dereference A flaw in the do_ssl3_write function can allow remote attackers to cause a denial of service via a NULL pointer dereference. This flaw only affects OpenSSL 1.0.0 and 1.0.1 where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common. This exploit is consistent with CVE-2014-0198. SSL_MODE_RELEASE_BUFFERS session injection or denial of service A race condition in the ssl3_read_bytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common. This exploit is consistent with CVE-2010-5298. Anonymous ECDH denial of service OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a denial of service attack. This exploit is consistent with CVE-2014-3470. ECDSA NONCE side-channel recovery attack The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. This exploit is consistent with CVE-2014-0076.

Products Affected Note that the only products in this table are the products confirmed by Polycom to be fixed against the vulnerabilities in this bulletin, or confirmed by Polycom to be unaffected by the vulnerabilities in this bulletin. All other products are still under investigation. RealPresence Distributed Media Application (DMA) RealPresence Media Manager RealPresence Capture Station CSS Gateway RealPresence Resource Manager (RPRM) CMA CX Video Products Other Than CX5500 RealPresence Mobile (RPM) FIXED by Version 3.2.1 RealPresence Desktop (RPD) FIXED by Version 3.2.1 M100 FIXED by Version 1.0.7 CMAD FIXED by Version 5.2.6 CSS FIXED by Version 1.3.1 Group Series FIXED by Version 4.1.4 Video Border Proxy (VBP) FIXED by Version 11.2.18 RSS 4000 FIXED by Version 8.5.2 Polycom Touch Control (PTC) FIXED by Version 4.1.4 HDX FIXED by Version 3.1.5 VVX & SoundStructure FIXED by Version 5.1.2.1801 SoundPoint & SoundStation FIXED by Version 4.0.7.2514 Group Series & Polycom Touch Control FIXED by Version 4.1.4 CloudAXIS Edge Service & Edge Experience Portals FIXED by Version 1.6.1 RSS 4000 FIXED by Version 8.5.2 Capture Server FIXED by Version 1.7 CX 5100/5500 FIXED by Version 1.1.1 RPAD FIXED by Version 4.0.1 CSS Server & Client FIXED by Version 1.3.1 RMX 4000/2000/1500 FIXED by Version 8.4.1 RMX 1800/Collaboration Server, Virtual Edition FIXED by Version 8.4.1 Platform Director Under Investigation

Mitigation Polycom recommends that customers use the latest versions of OpenSSL clients (0.9.8za, 1.0.0m, and 1.0.1h) to protect against CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-3470, and CVE- 2014-0076. In addition, Polycom recommends that customers evaluate network access control lists, firewalls and other network protections to ensure that they have been deployed in a manner that is consistent with security best practices. The risk presented by this potential vulnerability to Polycom products, as well as other networked devices, may be mitigated by these controls. Customers should also ensure that Polycom products have been configured as recommended by Polycom implementation guides. Customers may wish to implement additional event monitoring and review until such time that an update is installed. Solution As fixes become available for a given product, that information will appear in this bulletin in subsequent releases. Polycom will continue updating this bulletin until all fixes are in place. Polycom recommends that users of any Polycom product listed in the table above as being vulnerable update to the FIXED version of their product as soon as such a version becomes available. CVSS v2 Base Metrics: To assist our customers in the evaluation of this vulnerability; Polycom leverages the Common Vulnerability Scoring System (CVSS). This system provides an open framework for communicating the characteristics and impacts of information technology vulnerabilities that better enable our customers to make informed decisions and assess the impact on their environment. Base CVSS v2 Scores: CVE-2010-5298: 4.0 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2014-0195: 6.8 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2014-0198: 4.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2014-0221: 4.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2014-0224: 6.8 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2014-3470: 4.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2014-0076: 4.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) For more information on CVSS v2 please see: http://www.first.org/cvss/cvss-guide.html Severity: Medium Rating Critical High Definition A vulnerability, which, if exploited would allow malicious code to execute, potentially without a user being aware. A vulnerability, which, if exploited could impact the confidentiality, integrity, or availability of

data, or of the integrity or availability of resources. Medium Low A vulnerability that is limited to a significant degree by factors such as default configuration, auditing, or is difficult to exploit. A vulnerability that has minimal impact to the system and is extremely difficult to exploit. Contact Any customer using an affected system who is concerned about this vulnerability within their deployment should contact Polycom Technical Support either call 1-800-POLYCOM or visit: http://support.polycom.com/polycomservice/support/us/support/documentation/security_center.html for the latest information. You might also find value in the high-level security guidance and security news located at: http://www.polycom.com/security Revision History Revision 1.0 - Original publication: June 30, 2014 VBP Fix Announced Revision 1.1 Original publication: August 5, 2014 RPM, RPD, M100, CMAD, CSS, Group Series announced Revision 1.2 Original publication: September 15, 2014 HDX, 2014, Polycom, Inc. All rights reserved. Trademarks POLYCOM, the Polycom logo and all names and marks associated with Polycom and Polycom's products are trademarks and/or service marks of Polycom, Inc. and are registered and/or common law marks in the United States and various other countries. All other trademarks are property of their respective owners. No portion hereof may be reproduced or transmitted in any form or by any means, for any purpose other than the recipient's personal use, without the express written permission of Polycom. Disclaimer While Polycom uses reasonable efforts to include accurate and up-to-date information in this document, Polycom makes no warranties or representations as to its accuracy. Polycom assumes no liability or responsibility for any typographical errors, out of date information, or any errors or omissions in the content of this document. Polycom reserves the right to change or update this document at any time. Individuals are solely responsible for verifying that they have and are using the most recent Technical Bulletin. Limitation of Liability Polycom and/or its respective suppliers make no representations about the suitability of the information contained in this document for any purpose. Information is provided "as is" without warranty of any kind and is subject to change without notice. The entire risk arising out of its use remains with the recipient. In no event shall Polycom and/or its respective suppliers be liable for any direct, consequential, incidental, special, punitive or other damages whatsoever (including without limitation, damages for loss of business profits, business interruption, or loss of business information), even if Polycom has been advised of the possibility of such damages.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information