.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
RSA Security Analytics, Impact of Logjam Vulnerability
Tags: RSA NetWitness Platform, Security Advisories
Advisory Type
Security
Advisory Content
Dear RSA Security Analytics Customer,
Summary:
RSA, The Security Division of EMC, is evaluating the impact of the Logjam vulnerability in OpenSSL configurations utilized by Security Analytics. The vulnerability affects the Diffie-Hellman key exchange used in the Transport Layer Security (TLS) protocol during communications to Security Analytics. Additional details on the vulnerability can be found at:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000.
Affected Products:
RSA Security Analytics 10.3.x
RSA Security Analytics 10.4.x
Recommendation:
RSA suggests customers that have upgraded to a newer browser that has mechanisms in place to warn or block connections using Logjam vulnerable configurations read KB article 30767. This article outlines immediate work arounds to regain connectivity to Security Analytics. RSA will publish further guidance once we have fully addressed the vulnerability in a future patch.