Security Bulletin
Summary
The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM WebSphere Message Broker and IBM Integration Bus
Vulnerability Details
CVEID: CVE-2015-2808
DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack".
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/101851 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Affected Products and Versions
IBM Integration Bus V9 , V10
WebSphere Message Broker V7, V8
IBM Integration Toolkit V9
WebSphere Message Broker Toolkit V7, V8
Remediation/Fixes
A fix to remove RC4 cipher suites from the default list of enabled cipher suites is available for WebSphere Message Broker V7.0 and V8.0 (for IBM Java™ 6)
| Product | VRMF | APAR | Remediation/Fix |
| WebSphere Message Broker | V7.0 | IT08327 | An interim fix is available from IBM Fix Central for all platforms. http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=All&platform=All&function=aparId&apars=IT08327 The APAR is targeted to be available in fix pack 7.0.0.8 |
| WebSphere Message Broker | V8.0 | IT08327 | An interim fix is available from IBM Fix Central for all platforms. http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~WebSphere&product=ibm/WebSphere/WebSphere+Message+Broker&release=All&platform=All&function=aparId&apars=IT08327 The APAR is targeted to be available in fix pack 8.0.0.7. Note: If you have APAR IT03599 applied to your system to enable MQv8 support: 1. You are using Java 7 bundled with IT03599, and APAR IT08327 does not apply. 2. You must follow the mitigations/workarounds for IBM Integration Bus V9 and V10. |
You should verify applying this fix does not cause any compatibility issues.
The planned maintenance release dates for WebSphere Message Broker and IBM Integration Bus are available at :
http://www.ibm.com/support/docview.wss?uid=swg27006308
Workarounds and Mitigations
IBM Integration Bus V9 and V10
a) IBM Java 7 shipped with IBM Integration Bus has RC4 enabled by default and is therefore vulnerable. The vulnerability can be mitigated by disabling RC4 which can be achieved by following 'Instructions to disable RC4 in Java 7' given below.
After disabling the RC4 ciphers if you decide to use CBC ciphers you should follow the steps outlined in 'Using CBC ciphers' given below.
b) If you use the DataDirect ODBC V7.x drivers shipped with WebSphere Message Broker
The SSL library shipped with the ODBC drivers is vulnerable. The RC4 ciphers are in the acceptable cipher list by default. To mitigate this vulnerability you can configure the drivers to exclude RC4 ciphers from the list of negotiated ciphers by following 'Instructions to disable RC4 in DataDirect drivers' given below.
WebSphere Message Broker V7 and V8
a) After disabling the RC4 ciphers by applying the APAR fix if you then decide to use CBC ciphers you should follow the steps outlined in 'Using CBC ciphers' given below.
b) If you use the DataDirect ODBC V7.x drivers shipped with WebSphere Message Broker
The SSL library shipped with the ODBC drivers is vulnerable. The RC4 ciphers are in the acceptable cipher list by default. To mitigate this vulnerability you can configure the drivers to exclude RC4 ciphers from the list of negotiated ciphers by following 'Instructions to disable RC4 in DataDirect drivers' given below.
WebSphere Message Broker Toolkit V7 and V8
WebSphere Message Broker Toolkit Versions 7.0 and V8.0 by default disable the RC4 stream cipher for broker administration and are not vulnerable. To remain protected in all cases you should NOT enable weak or export-level cipher suites or select an RC4 cipher when connecting to the Broker's Queue Manager. If you enable the RC4 stream cipher you are vulnerable.
To use a TLS cipher to connect to the Queue Manager, you must apply a fixpack or ifix containing APAR IT05725. APAR IT05725 is planned for inclusion in 7.0.0.8 and 8.0.0.5 Interim Fix 001.
If you choose to use CBC ciphers in place of the RC4 ciphers you should follow the steps outlined in 'Using CBC ciphers' given below.
IBM Integration Toolkit V9
IBM Integration Toolkit V9.0 by default disables the RC4 stream cipher for broker administration and is not vulnerable. To remain protected in all cases you should NOT enable weak or export-level cipher suites or select an RC4 cipher when connecting to the Broker's Queue Manager. If enable the RC4 stream cipher you are vulnerable.
To use a TLS cipher to connect to the Queue Manager, you must apply a fixpack or ifix containing APAR IT05429. APAR IT05429 is available in IBM Integration Toolkit Version 9.0 Fix Pack 3.
To stop users enabling the RC4 stream cipher in the future you should disable RC4 by following 'Instructions to disable RC4 in Java7' given below.
If you choose to use CBC ciphers in place of the RC4 ciphers you should follow the steps outlined in 'Using CBC ciphers' given below.
Instructions to disable RC4 in Java 7
Add RC4 to the list of disabled algorithms defined by the jdk.tls.disabledAlgorithms security property in the java.security file. For example:
- jdk.tls.disabledAlgorithms=SSLv3, RC4
The java.security file can be found in the following locations:
IBM Integration Bus V9:
- <install>\jre17\lib\security\java.security
IBM Integration Toolkit V9
- <install>\jdk\jre\lib\security\java.security
IBM Integration Bus V10 on Windows and LinuxX64:
- <install>\common\jdk\jre\lib\security\java.security
IBM Integration Bus V10 not on Windows and LinuxX64:
- <install>\common\jre\lib\security\java.security
Instructions to disable RC4 in DataDirect drivers (ODBC SSL connectivity)
Use the undocumented CipherList connection option:
Option name: CipherList (CL)
Default: "DEFAULT", currently equivalent to "ALL:!aNULL:!eNULL:!SSLv2"
Format: See "Cipher List Format" at https://www.openssl.org/docs/apps/ciphers.html
In order to disable RC4 ciphers while still maintaining the default restrictions, you need to set:
CipherList=DEFAULT:!RC4
Using CBC ciphers
After disabling the RC4 ciphers if you decide to enable and use CBC ciphers then you should set the jsse.enableCBCProtection JVM system property to avoid vulnerability to the BEAST security vulnerability CVE-2011-3389.
More details about this JVM system property can be found here: http://www.ibm.com/support/knowledgecenter/SSYKE2_6.0.0/com.ibm.java.security.component.60.doc/security-component/jsse2Docs/beast.html
You can set the JVM system property in a number of ways.
For WebSphere Message Broker and IBM Integration Bus runtime by either:
- Setting on a per-execution group basis by following the instructions to set a jvmSystemProperty using mqsichangeproperties here: http://www.ibm.com/support/knowledgecenter/SSMKHH_9.0.0/com.ibm.etools.mft.doc/an09143_.htm
- Setting on a per-broker or machine wide basis by setting the IBM_JAVA_OPTIONS (_JAVA_OPTIONS on Solaris or HP systems) environment variable:
- IBM_JAVA_OPTIONS=-Djsse.enableCBCProtection=true
_JAVA_OPTIONS=-Djsse.enableCBCProtection=true
On z/OS systems by adding the environment variable to BIPBPROF and submitting BIPGEN to recustomize the ENVFILE: http://www.ibm.com/support/knowledgecenter/SSMKHH_9.0.0/com.ibm.etools.mft.doc/ae22465_.htm
If you already have the IBM_JAVA_OPTIONS or _JAVA_OPTIONS environment variable set then you will need to add the new parameter to the end of any existing parameters preceded by a space.
For WebSphere Message Broker and IBM Integration Toolkit:
Edit the eclipse.ini file for the toolkit installation and add the following line:
- -Djsse.enableCBCProtection=true
The eclipse.ini file can be found in the root directory of the toolkit installation. For example:
- c:\Program Files (x86)\IBM\WMBT800\eclipse.ini
c:\Program Files\IBM\IIB\10.0.0.0\tools\eclipse.ini
Note that in the event that servers or clients are configured to use only RC4 ciphers, the above settings would prevent any SSL connection from succeeding.
You should verify applying the above configuration changes do not cause any compatibility issues. Not disabling the RC4 stream cipher will expose yourself to the attack described above. IBM recommends that you review your entire environment to identify other areas where you have enabled the RC4 stream cipher and take appropriate mitigation and remediation actions.
The full list of Java acceptable protocols and their meaning are at http://www.ibm.com/support/knowledgecenter/SSYKE2_7.0.0/com.ibm.java.security.component.70.doc/security-component/jsse2Docs/protocols.html
Get Notified about Future Security Bulletins
Important Note
IBM strongly suggests that all System z customers be subscribed to the System z Security Portal to receive the latest critical System z security and integrity service. If you are not subscribed, see the instructions on the System z Security web site. Security and integrity APARs and associated fixes will be posted to this portal. IBM suggests reviewing the CVSS scores and applying all security or integrity fixes as soon as possible to minimize any potential risk.
References
Acknowledgement
None
Change History
5 May 2015 - Original version Published
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Product Synonym
WMB IIB
Was this topic helpful?
Document Information
Modified date:
19 August 2022
UID
swg21883122