Palo Alto Networks Security Advisories / PAN-SA-2018-0015

PAN-SA-2018-0015 OpenSSL Vulnerabilities in PAN-OS

047910
Severity 7.5 · HIGH
Attack Vector NETWORK
Attack Complexity LOW
Privileges Required NONE
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact HIGH

Description

The OpenSSL library has been found to contain vulnerabilities CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739. Palo Alto Networks software makes use of the vulnerable library and is affected. (Ref # PAN-98504/ CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739)

The OpenSSL library in use by PAN-OS is patched on a regular basis for security issues.

This issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier. WF-500 running WF-500 software versions PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.

CVECVSSSummary
CVE-2018-07327.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2-1.0.2o).
CVE-2018-07375.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
CVE-2018-07396.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).

Product Status

VersionsAffectedUnaffected
PAN-OS 8.1<= 8.1.3>= 8.1.4
PAN-OS 8.0<= 8.0.13>= 8.0.14
PAN-OS 7.1<= 7.1.20>= 7.1.21
PAN-OS 6.1<= 6.1.20

Severity: HIGH

CVSSv3.1 Base Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Weakness Type

CWE-320

Solution

PAN-OS 7.1.21 and later, PAN-OS 8.0.14 and later, PAN-OS 8.1.4 and later, WF-500 running WF-500 software version 8.0.14 and later, and WF-500 running WF-500 software version 8.1.4 and later. PAN-OS 6.1 will NOT have a fix. For WF-500 software versions 7.1 and earlier, please consult the WildFire Administrator’s Guide for steps to upgrade the software. An online copy of all available documentation can be found here (https://www.paloaltonetworks.com/documentation).

Workarounds and Mitigations

N/A

© 2020 Palo Alto Networks, Inc. All rights reserved.