BlackBerry Enterprise Server SSL/TLS EXPORT_RSA Ciphers Downgrade MitM (KB36811) (FREAK)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by the
FREAK vulnerability.

Description :

The version of BlackBerry Enterprise Server on the remote host is
affected by a security feature bypass vulnerability, known as FREAK
(Factoring attack on RSA-EXPORT Keys), due to the support of weak
EXPORT_RSA cipher suites with keys less than or equal to 512 bits.
A man-in-the-middle attacker may be able to downgrade the SSL/TLS
connection to use EXPORT_RSA cipher suites which can be factored in a
short amount of time, allowing the attacker to intercept and decrypt
the traffic.

See also :

https://www.smacktls.com/#freak
http://www.blackberry.com/btsc/KB36811

Solution :

Upgrade to version 10.2 MR5 and later with Interim Security Update
BES 12.1 for March 19, 2016, or to version 12.1 and later with Interim
Security Update BES 10.2.5 for March 19 2016

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 82295 ()

Bugtraq ID: 71936

CVE ID: CVE-2015-0204

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now