5 Posts
0
4867
TLS/SSL Server Is Using Commonly Used Prime Numbers - Dell OME Vulnerability 3.8.3 (Build 8)
We are running Dell OME Version 3.8.3 (Build and are security team has forwarded me a vulnerability from our SIEM.
the server is using a common or default prime number as a parameter during the Diffie-Hellman key exchange. This makes the secure session vulnerable to a precomputation attack. An attacker can spend a significant amount of time to generate a lookup/rainbow table for a particular prime number. This lookup table can then be used to obtain the shared secret for the handshake and decrypt the session.
Has anyone seen this vulnerability or know how to apply the cipher suites to mitigate this vulnerability?
Thanks!
DELL-Charles R
Moderator
Moderator
•
3.4K Posts
0
April 13th, 2022 08:00
Hello dlongofbb,
It will be fixed in version 3.9 that will come out in May.
I don't have an exact date though.
I hope that helps.
DELL-Charles R
Moderator
Moderator
•
3.4K Posts
0
April 13th, 2022 06:00
Hello dlongofbb,
I want to confirm which tool you are using. You posted in the OM Essentials section. Are you using OM Essentials or OM Enterprise?
Can you provide the CVE ID and the product vulnerability report?
Here we have our Security Advisories and Notices
https://www.dell.com/support/security/en-us
dlongofbb
5 Posts
0
April 13th, 2022 06:00
I posted incorrectly in the Essentials section, this is for the Dell OpenManage Enterprise solution.
Our siem did not provide a CVE ID - but here is some more detail;
https://www.rapid7.com/db/vulnerabilities/tls-dh-primes/
https://weakdh.org/
Thanks for responding and please move my post to the correct section.
Regards
dlongofbb
5 Posts
0
April 13th, 2022 09:00
Thank you Charles - very helpful! Will keep my eyes open for the next release.