search

vmware-archive / gangway

An application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster.
Apache License 2.0
410 stars 111 forks source link

Insecure TLS versions #167

Closed mjura closed 4 years ago

mjura commented 4 years ago

What happened:

During security audit we have discovered that gangway service still offers insecure TLS v1.0, v1.1 and SSL v3.0 versions for connection encryption:

> nmap --script ssl-enum-ciphers -p 32001 127.0.0.1
Starting Nmap 7.70 ( https://nmap.org ) at 2020-06-22 11:45 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000088s latency).

PORT      STATE SERVICE
30193/tcp open  unknown
| ssl-enum-ciphers: 
|   SSLv3: 
|     ciphers: 
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors: 
|       NULL
|     cipher preference: server
|     warnings: 
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|       CBC-mode cipher in SSLv3 (CVE-2014-3566)
|   TLSv1.0: 
|     ciphers: 
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors: 
|       NULL
|     cipher preference: server
|     warnings: 
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.1: 
|     ciphers: 
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors: 
|       NULL
|     cipher preference: server
|     warnings: 
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.2: 
|     ciphers: 
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors: 
|       NULL
|     cipher preference: server
|     warnings: 
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|_  least strength: C

Nmap done: 1 IP address (1 host up) scanned in 7.51 seconds

What you expected to happen:

Old deprecated TLS and SSL protocol versions are disabled, also gangway http server enforce ciphers 

mjura@gecko:~> nmap --script ssl-enum-ciphers -p 32001 127.0.0.1
Starting Nmap 7.70 ( https://nmap.org ) at 2020-06-23 11:12 CEST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000093s latency).

PORT      STATE SERVICE
32001/tcp open  unknown
| ssl-enum-ciphers: 
|   TLSv1.2: 
|     ciphers: 
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: server
|_  least strength: A

Nmap done: 1 IP address (1 host up) scanned in 5.26 seconds

How to reproduce it (as minimally and precisely as possible):

Run nmap command with flag --script ssl-enum-ciphers for example

nmap --script ssl-enum-ciphers -p 32001 <GANGWAY_IP>

Proposed fixes:

To fix that I would like to propose fix #166 and disable deprecated SSL and TLS protocols

stevesloka commented 4 years ago

Fixed in #166