ESA-2014-049: RSA Security Analytics and RSA NetWitness Security Update for Multiple Embedded Component Vulnerabilities
Tags: RSA NetWitness Platform, Security Advisories
Advisory Type
Security
Advisory Content
EMC Identifier: ESA-2014-049
CVE Identifier: CVE-2013-6383, CVE-2014-0077, CVE-2014-2523, CVE-2014-3465, CVE-2014-3466, CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470, CVE-2014-0076
Severity Rating: See NVD (http://nvd.nist.gov/) for individual scores for each CVE
Affected Products:
- RSA Security Analytics 10.3.x
- RSA Security Analytics 10.2.x
- RSA Security Analytics 10.1.x
- RSA Security Analytics 10.0.x
- RSA NetWitness 9.8.x
- RSA NetWitness 9.7.x
- RSA NetWitness 9.6.x
Summary:
Multiple embedded components within RSA Security Analytics and RSA NetWitness require a security update to address various potential vulnerabilities.
Details:
Multiple embedded components are updated for the following potential vulnerabilities:
- Embedded components of CentOS:
  - Kernel: CVE-2013-6383, CVE-2014-0077, CVE-2014-2523
  - GnuTLS: CVE-2014-3465, CVE-2014-3466
- OpenSSL:
  - SSL/TLS Man-in-the-middle (MITM) vulnerability (CVE-2014-0224)
  - DTLS recursion flaw (CVE-2014-0221)
  - DTLS invalid fragment vulnerability (CVE-2014-0195)
  - SSL_MODE_RELEASE_BUFFERS NULL pointer dereference (CVE-2014-0198)
  - SSL_MODE_RELEASE_BUFFERS session injection or denial of service (CVE-2010-5298)
  - Anonymous ECDH denial of service (CVE-2014-3470)
  - FLUSH + RELOAD cache side-channel attack (CVE-2014-0076)

  For more information about these vulnerabilities, see the original OpenSSL advisory: https://www.openssl.org/news/secadv_20140605.txt
- Java:
  - For the CVEs related to Oracle Java, refer to the vendor advisory: https://rhn.redhat.com/errata/RHSA-2014-0414.html
Recommendation:
The following RSA Security Analytics and RSA NetWitness releases contain resolutions to these issues:
- RSA Security Analytics Q2 2014 Security Update
- RSA Security Analytics OpenSSL Patch for v10.2
- RSA Security Analytics Legacy Windows Collector 10.3.3 - Security Patch
- RSA NextGen v9.8.5.20 patch for v9.8
- Customers running RSA NetWitness 9.6.x, 9.7.x, and 9.8.x are recommended to upgrade to RSA NextGen 9.8.5.20 Patch for v9.8 AND install the RSA Security Analytics Q2 2014 Security Update.
- Customers running RSA Security Analytics 10.0.x, 10.1.x, and 10.2.x are recommended to upgrade to RSA Security Analytics OpenSSL Patch for v10.2 AND install the RSA Security Analytics Q2 2014 Security Update.
- Customers running RSA Security Analytics 10.3.x are recommended to install the RSA Security Analytics Q2 2014 Security Update.
- Customers running RSA Security Analytics 10.3.x Legacy Windows Collector are recommended to upgrade to RSA Security Analytics Legacy Windows Collector 10.3.3 - Security Patch.
- Customers running EL5 should contact Customer Support to receive further instructions.