
SSL/TLS Configuration

Myron Joy

We have a QuickBooks App. As part of their program, they run a security check on the Apps. They have noted the following security issue.

The server-side SSL/TLS endpoint is configured to allow weak SSL/TLS cipher suites. These cipher suites have proven cryptographic flaws that can allow an attacker to decrypt or modify traffic. These weak cipher suites include the following:

- Cipher suites that use block ciphers (e.g. AES, 3DES) in CBC mode; these are vulnerable to the BEAST attack if SSL 3.0 or TLS 1.0 are supported. Even if newer versions of TLS are also supported by the server, older client software might establish SSL 3.0 or TLS 1.0 connections.
- Cipher suites that use block ciphers with a block size of 64 bits (DES, 3DES) are vulnerable to the Sweet32 attack, which has a birthday bound of approximately four billion blocks; this makes it easier for remote attackers to obtain clear-text data via a birthday attack against a long-duration encrypted session. With the ability to run JavaScript in a browser, it is possible to send enough traffic to cause a collision, and then use that information to recover something like a session cookie. Please refer to the link below for more details: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183

Additionally, an attacker may be able to use the POODLE attack to downgrade the connection to SSL 3.0 or TLS 1.0 even if both the client and the server support newer versions of TLS. BEAST allows an attacker on the same network as an end user, who can inject code into any site open in the user's browser, to decrypt cookies (or other sensitive data that is part of each request) for the vulnerable site. A server-side SSL/TLS endpoint that supports weak ciphers could allow an attacker to read or modify traffic sent in SSL/TLS connections with that endpoint.


Any thoughts on what we should do? We are running the app as a web app on Azure.


Thanks
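A way to reproduce the scanner's finding from the outside, as an added example that is not part of the original post: the script below uses `openssl s_client` to ask the endpoint for each legacy protocol version and then for specific weak suites under TLS 1.2, and classifies OpenSSL suite names by the flaw the report describes (CBC mode for BEAST, 64-bit block ciphers for Sweet32, plus the older RC4/export/NULL/anonymous families). The target name is a placeholder, the suite list is the example's own selection, and it assumes a reasonably recent `openssl` binary on PATH.

```shell
#!/bin/sh
# Added example (not from the original post): probe a TLS endpoint for the
# weaknesses named in the scanner report, using the openssl s_client tool.
# Assumptions: a reasonably recent openssl binary is on PATH and the target
# is reachable; the TLS_TARGET value is a placeholder supplied by the caller.

# Map an OpenSSL cipher-suite name to the weakness it carries, or "ok".
# Order matters: the most severe match wins.
suite_weakness() {
  case "$1" in
    NULL-*|*-NULL-*)         echo "null-encryption" ;;   # no confidentiality at all
    EXP-*|EXP1024-*)         echo "export-grade" ;;      # 40/56-bit keys
    ADH-*|AECDH-*)           echo "no-authentication" ;; # anonymous DH, trivially intercepted
    *RC4*)                   echo "rc4" ;;               # biased keystream
    *DES*)                   echo "sweet32" ;;           # DES/3DES: 64-bit block (CVE-2016-2183)
    *GCM*|*CCM*|*POLY1305*)  echo "ok" ;;                # AEAD suites, no CBC padding/MAC
    *)                       echo "cbc" ;;               # everything else is CBC + HMAC (BEAST under TLS 1.0)
  esac
}

# One handshake attempt: $1 host:port, $2 protocol flag (-tls1 / -tls1_1 /
# -tls1_2), $3 cipher list. Returns 0 only if the server accepted it.
# @SECLEVEL=0 stops our own OpenSSL from refusing the legacy suites we are
# deliberately offering; -servername is needed because App Service uses SNI.
probe() {
  host="${1%%:*}"
  out=$(openssl s_client -connect "$1" -servername "$host" "$2" \
          -cipher "$3:@SECLEVEL=0" </dev/null 2>&1) || true
  case "$out" in
    *"Cipher is (NONE)"*|*"handshake failure"*|*"no protocols available"*|*"unknown option"*) return 1 ;;
    *"Cipher is "*) return 0 ;;
    *) return 1 ;;
  esac
}

# Walk the legacy protocol versions, then the suite families the scanner flagged.
audit_endpoint() {
  target="$1"; rc=0
  # SSL 3.0 is usually compiled out of openssl; add -ssl3 here if your build has it.
  for proto in -tls1 -tls1_1; do
    if probe "$target" "$proto" "ALL"; then
      echo "FAIL $target accepts $proto (BEAST/POODLE exposure)"; rc=1
    else
      echo "ok   $target rejects $proto"
    fi
  done
  for suite in DES-CBC3-SHA ECDHE-RSA-DES-CBC3-SHA AES128-SHA ECDHE-RSA-AES128-SHA256 RC4-SHA; do
    if probe "$target" -tls1_2 "$suite"; then
      echo "FAIL $target accepts $suite under TLS 1.2 ($(suite_weakness "$suite"))"; rc=1
    else
      echo "ok   $target rejects $suite"
    fi
  done
  return $rc
}

# Runs only when a target is supplied, e.g.:
#   TLS_TARGET=myapp.azurewebsites.net:443 sh tls-audit.sh
if [ -n "${TLS_TARGET:-}" ]; then
  audit_endpoint "$TLS_TARGET"
fi
```

`-cipher` only governs TLS 1.2 and earlier, which is where the flagged suites live; TLS 1.3 suites are AEAD-only. A non-zero exit from `audit_endpoint` means at least one legacy version or weak suite was accepted, which is the condition the scanner is reporting.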

1 Reply

Have a look at what Benjamin Perkins has to say about disabling TLS 1.0 here: https://blogs.msdn.microsoft.com/benjaminperkins/2017/04/11/how-to-disable-tls-1-0-on-an-azure-app-service-web-app/


Update: consider using an application gateway.


Here you have more options for securing your communication. The following is taken directly from the link I provided.

SSL 2.0 and SSL 3.0 are disabled by default and cannot be enabled.

Application Gateway supports disabling the following protocol versions: TLSv1.0, TLSv1.1, and TLSv1.2.


Have a look here: https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-end-to-end-ssl-powershell
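The two remediation paths the reply points to, as an added example that is not from the original reply or from Microsoft's documentation: Azure CLI commands that raise the App Service minimum TLS version (App Service exposes this as `--min-tls-version`) and set an Application Gateway custom TLS policy that disables TLS 1.0/1.1 and limits the suite list to AEAD (GCM) suites, which removes every CBC suite and 3DES at once. Resource group, app and gateway names are placeholders, the `DRY_RUN` switch is the example's own convention, and it assumes a current Azure CLI that is logged in to the subscription.

```shell
#!/bin/sh
# Added example (not from the original thread or Microsoft's docs): apply the
# two fixes the reply points at with the Azure CLI. Assumes `az` is installed
# and logged in; resource names are placeholders. DRY_RUN=1 prints each
# command instead of running it, so the change can be reviewed before apply.

run() {
  if [ "${DRY_RUN:-0}" = 1 ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# App Service: refuse TLS 1.0/1.1 handshakes at the front door and stop
# serving plain HTTP, so no client can end up on a downgradable session.
harden_app_service() {            # $1 resource group, $2 web app name
  run az webapp config set --resource-group "$1" --name "$2" --min-tls-version 1.2
  run az webapp update --resource-group "$1" --name "$2" --https-only true
}

# Application Gateway: a custom TLS policy. Minimum protocol TLS 1.2 removes
# the BEAST/POODLE-era versions; listing only GCM suites removes every CBC
# suite and 3DES (Sweet32) in one go. Both RSA and ECDSA key exchanges are
# kept so the policy works with either certificate key type.
harden_app_gateway() {            # $1 resource group, $2 gateway name
  run az network application-gateway ssl-policy set \
      --resource-group "$1" --gateway-name "$2" \
      --policy-type Custom --min-protocol-version TLSv1_2 \
      --cipher-suites \
        TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 \
        TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 \
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
}

# Read back what is actually configured, which is what the next scan will see.
show_state() {                    # $1 rg, $2 web app, $3 rg, $4 gateway
  run az webapp config show --resource-group "$1" --name "$2" --query minTlsVersion -o tsv
  if [ -n "${4:-}" ]; then
    run az network application-gateway ssl-policy show --resource-group "$3" --gateway-name "$4" -o table
  fi
}

# Usage:  DRY_RUN=1 sh harden-tls.sh <rg> <webapp> <rg> <gateway>
if [ "$#" -eq 4 ]; then
  harden_app_service "$1" "$2"
  harden_app_gateway "$3" "$4"
  show_state "$1" "$2" "$3" "$4"
fi
```

Run it first with `DRY_RUN=1` to review the exact commands, then without it to apply; re-run the external probe afterwards, since the gateway policy only matters if the scanned hostname actually resolves to the gateway rather than straight to the App Service.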
