Security Advisory- Risk of Password Being Cracked Due to DES Encryption Algorithm
- SA No:Huawei-SA-20120827-01-CX600
- Initial Release Date: Aug 27, 2012
- Last Release Date: Aug 16, 2013
In multiple Huawei products, DES encryption algorithm is used for password and the encryption is not strong enough so it may be cracked (HWNSIRT-2012-0820).
This Vulnerability has been assigned Common Vulnerabilities and Exposures (CVE) ID: CVE-2012-4960.
Temporary fix for this vulnerability is available. Huawei has made the version plan to resolve this vulnerability.
1、 Involved versions:
|
Affected product |
Affected version |
|
NE5000E |
V300R007 |
|
V800R002 |
|
|
MA5200G |
V200R003 |
|
V300R003 |
|
|
NE40E/80E |
V300R003 |
|
V600R001 V600R002 V600R003(excluding |
|
|
ATN |
V200R001C00, V200R001C01 |
|
NE40/NE80 |
V300R005 |
|
NE20E-X6 |
V600R003 |
|
NE20 |
V200R005 |
|
ME60 |
V100R005 V100R006 V600R002 V600R003 |
|
CX600 |
V200R002 V600R001 V600R002 V600R003 |
|
CX200/CX300 |
V100R005 |
|
ACU |
V100R003C01SPC100 |
|
V200R001C00SPC100 |
|
|
V200R001C00 |
|
|
WLAN AC 6605 |
V200R001C00 |
|
V200R001C00SPC100 |
|
|
S9300 |
V100R001 V100R002 V100R003 V100R006 |
|
S7700 |
V100R003 V100R006 |
|
S2300/S3300/S5300 |
V100R002 V100R003 |
|
S2300/S3300/S5300/S2700/S3 |
V100R005 |
|
S2300/S3300/S5300/S3300HI/ |
V100R006C00 |
|
AR G3 |
V200R001C00 |
|
V200R001C01 |
|
|
V200R002C00SPC200 |
|
|
H3C AR(OEM IN) |
AR x9 series R2209 and earlier versions |
|
AR 19/29/49 |
R2207 and earlier versions |
|
Eudemon100E |
V200R007 |
|
Eudemon200 |
V200R001 |
|
Eudemon300&500&1000 |
V200R006C02 and earlier versions |
|
Eudemon1000E-U/USG5300 |
V200R001 and earlier versions |
|
Eudemon1000E-X/USG5500 |
V200R002 and earlier versions |
|
Eudemon8080E&8160E/USG9300 |
V100R003C00 and earlier versions |
|
Eudemon8000E-X/USG9500 |
V200R001C00SPC600 and earlier versions |
|
E200E-C&X3&X5&X7/USG2200&5100 |
V200R003C00 and earlier versions |
|
E200E-B&X1&X2/USG2100 |
V100R005C01 and earlier versions |
|
SVN5300 |
V100R001C01B019 |
|
SVN2000&5000 series |
V200R001C00 |
|
SVN3000 |
V100R002C02SPC802B041 |
|
NIP100/200/1000 |
V100R001 |
|
NIP2100&2200&5100 |
V100R001C00 |
If attackers acquire the encryption file, they may crack the DES encryption algorithm to get the password.
The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/).
Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Temporal Score: 5.6(E:F/RL:T/RC:C)
Prerequisite:
The attacker can log in to the device, and has privilege to get configuration with encrypted passwords.
Procedures:
The attacker acquires the user password stored by encryption and crack DES encryption algorithm to get the password in clear text.
Impact:
The attacker acquires the password.1. Enhance the remote login management to the equipment and only allow login within the operator’s management network.
2. Strictly manage the accounts privilege.
3. Change the password regularly.
1.Abandon DES algorithm and adopt AES256 algorithm.
Version upgrade information and upgrade date:
|
Affected product |
Solved version |
Solved time |
|
NE5000E |
V800R003C00 |
09.19.2012 |
|
ATN |
V200R001C02 |
08.20.2012 |
|
NE40E&NE80E |
V600R003C00SPCA00 |
09.15.2012 |
|
CX600 |
V600R003C00SPCA00 |
09.15.2012 |
|
ME60 |
V600R005C00 |
09.15.2012 |
|
AR 19/29/49 |
R 2209 and later version |
03.09.2012 |
|
ACU |
V200R002 |
08.31.2012 |
|
WLAN AC 6605 |
V200R002 |
08.31.2012 |
|
S3300HI/S5300/S6300/S3700HI/ |
V200R001C00 |
08.31.2012 |
|
S9300/S9300E/S7700/S9700 |
V200R001C00 |
08.31.2012 |
|
S2300/S3300/S2700/S3700 |
V100R006C03 |
08.31.2012 |
|
AR G3 |
Release version: V200R002C01SPC200 |
08.31.2012 |
|
H3C AR(OEM IN) |
AR x8 series; AR x9 series |
03.30.2012 |
|
Eudemon100E |
E200E-X V300R001C00SPC600 |
08.31.2012 |
|
Eudemon200 |
||
|
Eudemon300&500&1000 |
||
|
Eudemon1000E-U/USG5300 |
Eudemon 1000E-X/USG5500 |
08.31.2012 |
|
Eudemon1000E-X/USG5500 |
||
|
Eudemon8080E&8160E/USG9300 |
Eudemon8000E |
07.30.2012 |
|
Eudemon8000E-X/USG9500 |
||
|
USG2200&5100 |
V300R001C00SPC600 |
08.31.2012 |
|
USG2100 |
V300R001C00SPC100 |
08.31.2012 |
|
SVN5300 |
SVN5500(product |
02.28.2012 |
|
SVN2000&5000 series |
V200R001C01SPC200 |
06.20.2012 |
|
SVN3000 |
SVN2260 V200R001C01SPC200 |
06.20.2012 |
|
NIP100/200/1000 |
NIP5100/NIP2200/NIP210 |
07.30.2012 |
|
NIP2100&2200&5100 |
V100R001C01SPC200 |
07.30.2012 |
This vulnerability is reported by Emaze Networks. The Huawei PSIRT is not aware of any malicious use launch to attack through the vulnerability described in this advisory.
For security problems about Huawei products and solutions, please contactPSIRT@huawei.com.
For general problems about Huawei products and solutions, please directly contact Huawei TAC (Huawei Technical Assistance Center) to request the configuration or technical assistance.
2012-8-27 V1.0 INITIAL
2012-10-08 V1.1 Update
2012-11-07 V1.2 Update
2012-12-17 V1.3 Update
2013-8-16 V1.4 Update Update affect product list
None
