
Security Advisory - OpenSSL Heartbeat Extension vulnerability (Heartbleed bug) on Huawei multiple products

SA No: Huawei-SA-20140417-Heartbleed

Initial Release Date: 04-17-2014

Last Release Date: 05-12-2014

Summary

Some OpenSSL software versions used in multiple Huawei products have the following OpenSSL vulnerability. Unauthorized remote attackers can dump 64 Kbytes of memory of the connected server or client in each attack. The leaked memory may contain sensitive information, such as passwords and private keys (Vulnerability ID: HWPSIRT-2014-0414). This vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2014-0160.

Impact

The impact of this vulnerability varies from product to product. Attackers may exploit it to dump a certain size of memory from affected devices. The leaked memory may contain sensitive information, such as passwords and private keys.

Vulnerability Scoring Details

The vulnerability has been classified using the CVSSv2 scoring system (http://www.first.org/cvss/).

Base Score: 5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N)

Temporal Score: 4.5 (E:P/RL:U/RC:C)
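Worked check of the two scores above, added here as an example and not part of Huawei's advisory: a small CVSS v2 calculator that parses the base and temporal vectors quoted in the advisory and reproduces 5.0 and 4.5. The weights are those of the CVSS v2 guide; metric names are matched case-insensitively because the advisory writes "AU" where the specification uses "Au".

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* CVSS v2 weights from the first.org v2 guide; value letter vals[i] maps to w[i]. */
struct cvss2_metric { const char *name, *vals; double w[4]; };
static const struct cvss2_metric cvss2_weights[] = {
    {"AV", "LAN",  {0.395, 0.646, 1.0}},     {"AC", "HML",  {0.35, 0.61, 0.71}},
    {"AU", "MSN",  {0.45, 0.56, 0.704}},     {"C",  "NPC",  {0.0, 0.275, 0.660}},
    {"I",  "NPC",  {0.0, 0.275, 0.660}},     {"A",  "NPC",  {0.0, 0.275, 0.660}},
    {"E",  "UPFH", {0.85, 0.90, 0.95, 1.0}}, {"RL", "OTWU", {0.87, 0.90, 0.95, 1.0}},
    {"RC", "URC",  {0.90, 0.95, 1.0}},
};
#define NMETRICS (sizeof cvss2_weights / sizeof cvss2_weights[0])

/* Weight of metric `name` in a "/"-separated vector, or -1 if absent/unknown.
 * Matching is case-insensitive: the advisory's "AU:N" is read as the spec's "Au:N". */
static double get(const char *vec, const char *name)
{
    char buf[128] = "/", needle[8];
    size_t len = strlen(vec), k;
    if (len + 1 >= sizeof buf) return -1;
    for (size_t i = 0; i <= len; i++) buf[i + 1] = (char)toupper((unsigned char)vec[i]);
    snprintf(needle, sizeof needle, "/%s:", name);   /* e.g. "/AC:" */
    const char *hit = strstr(buf, needle);
    for (k = 0; k < NMETRICS && strcmp(cvss2_weights[k].name, name); k++) {}
    if (!hit || !hit[strlen(needle)] || k == NMETRICS) return -1;
    const char *pos = strchr(cvss2_weights[k].vals, hit[strlen(needle)]);
    return pos ? cvss2_weights[k].w[pos - cvss2_weights[k].vals] : -1;
}

/* Round a non-negative score to one decimal, as the v2 equations require. */
static double round1(double x) { return (double)(long)(x * 10.0 + 0.5) / 10.0; }

/* Base score: impact and exploitability sub-scores combined by the v2 equation. */
double cvss2_base(const char *vec)
{
    double av = get(vec, "AV"), ac = get(vec, "AC"), au = get(vec, "AU");
    double c = get(vec, "C"), i = get(vec, "I"), a = get(vec, "A");
    if (av < 0 || ac < 0 || au < 0 || c < 0 || i < 0 || a < 0) return -1;
    double impact = 10.41 * (1 - (1 - c) * (1 - i) * (1 - a)), expl = 20 * av * ac * au;
    return round1((0.6 * impact + 0.4 * expl - 1.5) * (impact == 0 ? 0 : 1.176));
}

/* Temporal score: base scaled by exploitability, remediation level and confidence. */
double cvss2_temporal(double base, const char *vec)
{
    double e = get(vec, "E"), rl = get(vec, "RL"), rc = get(vec, "RC");
    return (base < 0 || e < 0 || rl < 0 || rc < 0) ? -1 : round1(base * e * rl * rc);
}
```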

Technique Details

1. Prerequisite:

This vulnerability can be exploited only when the following condition is present: the attacker is able to locally or remotely access the device affected by the vulnerability.

2. Vulnerability details:

The vulnerability is due to a missing memory bounds check when the OpenSSL software processes TLS heartbeat packets. Attackers can trigger the vulnerability by sending malformed TLS heartbeat packets to the server. The attacker may also impersonate a server and send malicious packets to a client that accesses the server, attacking the client. After the attack succeeds, the attacker can dump a certain size of memory each time a malicious heartbeat packet is sent. The dumped memory may contain sensitive information, such as passwords and private keys.

Temporary Fix

Null
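The missing bounds check described above, shown as an added example that is neither Huawei's nor OpenSSL's code: a validator for the RFC 6520 heartbeat record layout that rejects a record whose claimed payload length exceeds the bytes actually received, plus a helper that reports how far past the record an unchecked copy would read. The three sample records are constructed for the example, not captured traffic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HB_HEADER  3   /* type (1 byte) + payload_length (2 bytes, big-endian) */
#define HB_PADDING 16  /* minimum padding required by RFC 6520 */

/* Return the declared payload length if the record is well-formed, or -1 when
 * the declared length would reach past the bytes actually received. */
int heartbeat_payload_len(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < HB_HEADER + HB_PADDING)   /* cannot even hold header + padding */
        return -1;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    /* The bounds check missing in CVE-2014-0160: the peer's claimed payload
     * length must fit inside the record that was received. */
    if (HB_HEADER + payload + HB_PADDING > rec_len)
        return -1;
    return (int)payload;
}

/* Bytes beyond the record that an unchecked copy of `payload` bytes would read
 * and echo back; 0 for a well-formed record. The 2-byte length field bounds the
 * worst case at just under 64 KB per request, the figure the advisory quotes. */
size_t heartbeat_overread(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < HB_HEADER)
        return 0;
    size_t needed = HB_HEADER + (((size_t)rec[1] << 8) | rec[2]) + HB_PADDING;
    return needed > rec_len ? needed - rec_len : 0;
}

/* Constructed sample records (not captured traffic). Each is type 1 (request),
 * a 2-byte length, no payload bytes, then zero bytes of padding. */
static const uint8_t hb_ok[19]  = { 1, 0x00, 0x00 };  /* claims 0 bytes: consistent */
static const uint8_t hb_bad[19] = { 1, 0x40, 0x00 };  /* claims 16384 bytes: malformed */
static const uint8_t hb_tiny[3] = { 1, 0x00, 0x00 };  /* header only, padding missing */

int main(void)
{
    printf("ok:   payload=%d overread=%zu\n", heartbeat_payload_len(hb_ok, sizeof hb_ok),
           heartbeat_overread(hb_ok, sizeof hb_ok));
    printf("bad:  payload=%d overread=%zu\n", heartbeat_payload_len(hb_bad, sizeof hb_bad),
           heartbeat_overread(hb_bad, sizeof hb_bad));
    printf("tiny: payload=%d overread=%zu\n", heartbeat_payload_len(hb_tiny, sizeof hb_tiny),
           heartbeat_overread(hb_tiny, sizeof hb_tiny));
    return 0;
}
```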

Software Versions and Fixes

| Product Name | Affected Version | Solved Plan/Patch Link |
| --- | --- | --- |
| AHR | V100R003C00SPC350 and later versions | V100R003C00SPC360 |
| BCM | BCM V300R003C01; BCM V300R003C30 | V300R003C30LG0106SPC002; V300R003C50SPC020 |
| Billing V5R5 | CBS V500R005C21 | BCM V300R003C30LG0106SPC002; BCM V300R003C50SPC020 |
| CBS | CBS V300R003C01; CBS V100R002C02 | BICP V100R001C50LS0002; BCM V300R003C30LG0106SPC002; BCM V300R003C50SPC020 |
| CCE3.0 | CCE V100R003C00 | V100R003C00CP1301 |
| CPS | CPS V100R001C10; CPS V100R001C20 | BICP V100R001C50LS0002; BCM V300R003C30LG0106SPC002; BCM V300R003C50SPC020 |
| CRM | CC&BM V100R002C61; CC&BM V100R002C62; CC&BM V100R002C72; Wimax BOSS V100R001C01 | BICP V100R001C50LS0002 |
| CSP | V600R005C10; V600R005C11SPC100 | V600R003C90LG1032 |
| CTI | V300R005C50; V300R006C30 | V300R005C50SPC011 |
| DWH | V100R002C10; V100R002C30 | BICP V100R001C50LS0002 |
| IDC Solution | V100R001C01 | Tecal RH2288 V2 V100R002C00SPC115; Tecal RH2285 V2 V100R002C00SPC113; Tecal E6000 Chassis V100R001C00SPC111; Tecal BH622 V2 V100R002C00SPC108; Tecal BH640 V2 V100R002C00SPC107 |
| IDC Solution | V100R001C03 | Tecal RH2285 V2 V100R002C00SPC113; Tecal RH2288 V2 V100R002C00SPC115; Tecal RH2485 V2 V100R002C00SPC501; Tecal RH5885 V2 V100R001C02SPC109; Tecal XH310 V2 V100R001C00SPC107; Tecal XH311 V2 V100R001C00SPC107; Tecal XH320 V2 V100R001C00SPC109; Tecal XH621 V2 V100R001C00SPC105; Tecal RH1288 V2 V100R002C00SPC105; Tecal DH310 V2 V100R001C00SPC107; Tecal DH620 V2 V100R001C00SPC105; Tecal DH621 V2 V100R001C00SPC105; Tecal E6000 Chassis V100R001C00SPC111; Tecal BH622 V2 V100R002C00SPC108; Tecal BH640 V2 V100R002C00SPC107; CSB Solution V100R001C01SPC101 |
| eBIMS | V100R001C00SPC100 | V100R001C00SPC200 |
| ECC500 | V600R001C00 | V6R1C00SPC100 |
| EDC Solution | V100R001C01 | Tecal E6000 Chassis V100R001C00SPC111; Tecal BH622 V2 V100R002C00SPC108; Tecal BH640 V2 V100R002C00SPC107 |
| eLTE Broadband Access | eSight V300R001C10; eCNS600 V100R001C00; eCNS600 V100R002C00 | V300R001C10CP2004; V100R002C00SPC300 |
| eSDK Solution | V100R002C01 | eSDK IVS V100R003C10SPC100; eSDK UC V100R003C10SPC001 |
| eSight | V200R003C00; V200R003C01; V200R003C10 | V200R003C01SPC204; V200R003C10SPC104 |
| eSight UC&C | V100R001C01; V100R001C02 | V100R001C20SPH303; V100R001C01SPH301 |
| eSpace desktop | V200R001 | V200R001C03SPC800 |
| eSpace Meeting Portal | V100R001C00 | V100R001C00SPC302 |
| eSpace IVS | V100R001C02 | V100R001C02SPC102 |
| eSpace UC | V200R001C50 | V200R001C50SPC003T |
| EVC3.3 | EVC V300R003C02 | BICP V100R001C50LS0002 |
| FusionCloud Desktop Solution | V100R003C00 | Tecal RH2285 V2 V100R002C00SPC113 |
| Fusioncube | V100R002C00; V100R002C01 | Tecal RH2288 V2 V100R002C00SPC115 |
| FusionSphere | V100R003C00 | Tecal E9000 Chassis V100R001C00SPC160 |
| HSS9860 | HSS9860 V900R008C20 | V900R008C20SPC508 |
| HyperDP | OceanStor N8500 V200R001C09; OceanStor N8500 V200R001C91 | V200R001C09SPC500; V200R001C91SPC200 |
| IDS2000 | V300R001C11/C12/C31/C32 | ECC500 V3R1C30 |
| iManager M2000 | iManager M2000 V200R013C00SPC230; iManager M2000 V200R013C00HP2301 | V200R013C00CP2302 |
| iManager PRS | iManager PRS V100R014C00SPC100 | V100R014C00CP1501 |
| iManager U2000 | iManager U2000 V100R009C00SPC300 | V100R009C00CP3002 |
| iManager U2000-M | iManager U2000 V200R014C00SPC100; iManager U2000 V200R014C00SPC110 | V200R014C00SPC200 |
| IMS | IMS V200R010C00 | CGP V100R006C60SPC609 |
| ISOP | V200R001C00 | BICP V100R001C50LS0002 |
| LMT of GGSN9811 | V900R008C01 | UGW9811 V900R009C01SPC300 |
| GGSN9811/UGW9811/PDSN9660/WASN9770/HA9661 | UGW9811 V900R001C03; UGW9811 V900R001C05; UGW9811 V900R009C01; UGW9811 V900R009C02; UGW9811 V900R010C00; UGW9811 V900R010C01; UGW9811 V900R010C72; UGW9811 V900R010C81; HA9661 V900R007C06; PDSN9660 V900R007C02; PDSN9660 V900R007C03; PDSN9660 V900R007C05; PDSN9660 V900R007C06; WASN9770 V300R003C01; WASN9770 V300R003C02 | UGW9811 V900R009C02SPC200; UGW9811 V900R010C00SPC100; UGW9811 V900R010C01SPC200; UGW9811 V900R010C72SPC200; UGW9811 V900R010C81SPC100; HA9661 V900R007C06SPC300; PDSN9660 V900R007C06SPC200; WASN9770 V300R003C02SPC300 |
| Mediation | Mediation V100R002C20; Mediation V100R002C30 | BCM V300R003C30LG0106SPC002; BCM V300R003C50SPC020 |
| Mobile phone Y300 | Y300-0100 V100R001C00B197 | In the TA (technical accept) testing |
| Mobile phone G510 | G510-0200 V100R001C00B193 | Released |
| Mobile phone U8686 | V100R001C85B177/B187 | In the TA (technical accept) testing |
| Mobile phone C8813 | V100R001C92B173 | In the TA (technical accept) testing |
| MSOFTX3000 | MSOFTX3000 V200R010C10 | V200R010C10SPH103 |
| Nastar | GENEX Nastar V600R014C00SPC201T; GENEX Nastar V600R014C00 | V600R014C00CP0010 |
| NetCol ACC | V100R001C10/C20/C30 | V100R001C10 |
| NGIN | SNE V300R002C20; SNE V300R002C30; SNE V300R002C40; SNE V300R002C50; BMP V100R002C30; BMP V100R002C40 | V300R002C50; V100R002C40SPC001 |
| OCS | OCS V100R002C01; OCS V300R003C01 | BCM V300R003C30LG0106SPC002; BICP V100R001C50LS0002; BCM V300R003C50SPC020 |
| OIC | V100R001C00SPC300 | V100R001C00SPC400; V100R001C00SPC401 |
| OnlineMediation | OnlineMediation V300R003C01; OnlineMediation V300R003C02; OnlineMediation V300R003C21; OnlineMediation V300R003C30 | |
| ONIP | SNE V300R002C50 | BICP V100R001C50LS0002 |
| OpenEye | CMS V300R001C60SPC001 | V300R001C60SPC002 |
| PCCS | PowerCube1000 V300R002C03; PowerCube Controller Software V300R002C00/C10/C20C/C30 | V300R002C03SPC600 |
| PDU8000 | V100R002C00 | V100R002C00SPC100 |
| Policy Center | V100R003C00 | V100R003C00SPC303 |
| PRM | PRM V300R001C08; PRM V300R001C20 | BCM V300R003C30LG0106SPC002; BCM V300R003C50SPC020 |
| RCS9880 | V100R002C10; V100R003C00 | V100R002C10CP0001; V100R003C00CP0001 |
| SAG | V200R001C38 | V200R001C38LG0005 |
| SANEX | V100R002C00 | V100R002C00SPC002 |
| Smart Campaign | V300R003C02 | BICP V100R001C50LS0002 |
| SMU02B | SMU V300R002C02; V300R002C10 | SUM V300R002C02SPC73; SUM V300R002C20SPC74 |
| SOFTX3000 | V600R012C10 | V600R012C10SPC203 |
| SPS | V300R007C00 | V300R007C00SPH103 |
| STB | V100R002C15LLNL72; V100R002C15LSCD81; V100R001C06LCOE01SPC200 | IPTV STB V100R002C15LSCD67; IPTV STB V100R002C15LLNL75; Terminal Middleware V100R001C06LCOE02SPC200 |
| Tecal E6000 | V100R002 | Tecal E6000 Chassis V100R001C00SPC111; Tecal BH622 V2 V100R002C00SPC108; Tecal BH640 V2 V100R002C00SPC107 |
| Tecal E6000 Chassis | V100R001C00 | Tecal E6000 Chassis V100R001C00SPC111; Tecal BH622 V2 V100R002C00SPC108; Tecal BH640 V2 V100R002C00SPC107 |
| Tecal E9000 Chassis | V100R001 | Tecal E9000 Chassis V100R001C00SPC160; Tecal CH121 V100R001C00SPC150; Tecal CH140 V100R001C00SPC100; Tecal CH220 V100R001C00SPC150; Tecal CH221 V100R001C00SPC150; Tecal CH222 V100R002C00SPC150; Tecal CH240 V100R001C00SPC150; Tecal CH242 V100R001C00SPC150; Tecal CH242 V3 V100R001C00SPC100 |
| Tecal RH1288 V2 | V100R002C00 | V100R002C00SPC105 |
| Tecal RH2285 V2 | V100R002C00 | V100R002C00SPC113 |
| Tecal RH2285H V2 | V100R002C00 | V100R002C00SPC108 |
| Tecal RH2288 V2 | V100R002C00 | V100R002C00SPC115 |
| Tecal RH2288H V2 | V100R002C00 | V100R002C00SPC110 |
| Tecal RH2485 V2 | V100R002 | V100R002C00SPC501 |
| Tecal RH5885 V2 | V100R001; V100R003 | V100R001C02SPC109 |
| Tecal RH5885 V3 | V100R003 | V100R003C01SPC101 |
| Tecal RH5885H V3 | V100R003 | V100R003C00SPC101 |
| Tecal X6000 | V100R002 | Tecal XH310 V2 V100R001C00SPC107; Tecal XH311 V2 V100R001C00SPC107; Tecal XH320 V2 V100R001C00SPC109; Tecal XH621 V2 V100R001C00SPC105 |
| Tecal X8000 | V100R001 | Tecal DH310 V2 V100R001C00SPC107; Tecal DH620 V2 V100R001C00SPC105; Tecal DH621 V2 V100R001C00SPC105 |
| WebLMT of BSC6900 | BSC6900 V100R016C00 | V100R016C00SPC600 |
| WebLMT of BSC6910 | BSC6910 V100R016C00 | V100R016C00SPC600 |
| WebLMT of eGBTS/NODEB/MBTS | BTS3900 V100R009C00 | V100R009C00SPC100 |
| WebLMT of eNodeb(FDD) | BTS3900 V100R009C00 | V100R009C00SPC100 |
| WebLMT of eNodeb(TDD) | BTS3900 V100R009C00 | V100R009C00SPC100 |
| WFM | V200R001C00; V100R001C01 | V200R001C00SPC131; V100R001C01SPC292 |
| UAC3000 | V100R003C00 | CGP V100R006C60SPC609 |
| UGC3200 | UGC3200 V200R010C00 | CGP V100R006C60SPC609 |
| UPCC | UPCC V300R006C01; UPCC V300R006C02 | V300R006C01SPC203; V300R006C02SPC105 |
| UPS2000 | V1R1C00/C10/C11/C30/C31 | V100R001C10SPC401 |
| UPS5000 | V100R001C00/C01/C10/C02; V100R002C00/C01/C02/C03; V100R002C10/C11/C12/C13 | V100R002C01SPC300; V100R001C10SPC600 |
| USN9810 | V900R012C01 | V900R012C01SPH003 |
| VGS | SCG V500R005C30 | V500R005C30LG0001 |

Obtaining Fixed Software

Customers should contact Huawei TAC (Huawei Technical Assistance Center) to request the upgrades, or obtain them through the Huawei worldwide website at http://support.huawei.com/support/.


For TAC contact information, please refer to the following links:

TAC for Carrier Customers: http://support.huawei.com/support/pages/news/NewsInfoAction.do?actionFlag=view&doc_id=IN0000034614&colID=ROOTENWEB%7CCO0000000169%7CCO0000003000

TAC for Enterprise Customers: http://support.huawei.com/enterprise/NewsReadAction.action?contentId=NEWS1000000563

TAC for Terminal Customers: http://www.huaweidevice.com/resource/mini/201107199604/FAQ_ServiceHotline_en/index.html and http://www.huaweidevice.com/worldwide/netWorkPoint.do?method=index&directoryId=40

Exploitation and Vulnerability Source

This vulnerability was found by Codenomicon and Google security engineers.

Contact Channel for Technique Issue

For security problems about Huawei products and solutions, please contact [email protected]. For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request configuration or technical assistance.

Revision History

2014-05-12 V2.7 UPDATED update the Software Versions and Fixes

2014-05-10 V2.6 UPDATED update the Software Versions and Fixes

2014-05-10 V2.5 UPDATED update the Software Versions and Fixes

2014-05-09 V2.4 UPDATED update the Software Versions and Fixes

2014-05-09 V2.3 UPDATED update the Software Versions and Fixes

2014-05-08 V2.2 UPDATED update the Software Versions and Fixes

2014-05-07 V2.1 UPDATED update the Software Versions and Fixes

2014-05-06 V2.0 UPDATED update the Software Versions and Fixes

2014-05-05 V1.9 UPDATED update the Software Versions and Fixes

2014-05-04 V1.8 UPDATED update the Software Versions and Fixes

2014-04-30 V1.7 UPDATED update the Software Versions and Fixes

2014-04-28 V1.6 UPDATED update the Software Versions and Fixes

2014-04-24 V1.5 UPDATED update the Software Versions and Fixes

2014-04-22 V1.4 UPDATED update the Software Versions and Fixes

2014-04-21 V1.3 UPDATED update the Software Versions and Fixes

2014-04-21 V1.2 UPDATED update the Software Versions and Fixes

2014-04-18 V1.1 UPDATED update the Software Versions and Fixes

2014-04-17 V1.0 INITIAL

Declaration

This document is provided on an "AS IS" basis and does not imply any kind of guarantee or warranty, either express or implied, including the warranties of merchantability or fitness for a particular purpose. In no event shall Huawei or any of its directly or indirectly controlled subsidiaries or its suppliers be liable for any damages whatsoever, including direct, indirect, incidental, consequential, loss of business profits or special damages. Your use of the document, by whatsoever means, will be totally at your own risk. Huawei is entitled to amend or update this document from time to time.

Huawei Security Procedures

Complete information on providing feedback on security vulnerabilities of Huawei products, getting support for Huawei security incident response services, and obtaining Huawei security vulnerability information is available on Huawei's worldwide website at http://www.huawei.com/en/security/psirt/.
