F5 have announced a critical severity vulnerability
A BIG-IP virtual server configured with a Client SSL profile may be vulnerable to an Adaptive Chosen Ciphertext attack (AKA Bleichenbacher attack) against RSA, which when exploited, may result in plaintext recovery of encrypted messages and/or a Man-in-the-middle (MiTM) attack, despite the attacker not having gained access to the server’s private key itself.
Full advisory here: https://support.f5.com/csp/article/K21905460
Vulnerable Configuration
A virtual server associated with a Client SSL profile with RSA key exchange enabled.
Captured TLS sessions encrypted with ephemeral cipher suites (DHE or ECDHE) are not at risk for subsequent decryption due to this vulnerability.
Impact to RedShield Customers
RedShield customers with default SSL profiles are not vulnerable as our default SSL profiles use ECDHE.
However as we have some customers with custom SSL profiles we are upgrading all our RedShield Cloud F5 systems to a non-vulnerable version. On premise customers will be contacted and advised individually.
Update 20th November 2017:
All primary RedShield Cloud F5 systems have been patched. All RedShield Cloud customers are now protected from this vulnerability. Secondary systems are in the process of being patched.
Update 21st November 2017:
All RedShield Cloud F5 systems have been patched. All RedShield Cloud customers are now protected from this vulnerability.
Comments