VMware Workspace Portal Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote host has a device management application installed that is
affected by multiple vulnerabilities.

Description :

The VMware Workspace Portal (formerly known as VMware Horizon
Workspace) installed on the remote host is version 2.x prior to 2.1.1.
It is, therefore, affected by a man-in-the-middle (MitM) information
disclosure vulnerability known as POODLE. The vulnerability is due to
the way SSL 3.0 handles padding bytes when decrypting messages
encrypted using block ciphers in cipher block chaining (CBC) mode.
MitM attackers can decrypt a selected byte of a cipher text in as few
as 256 tries if they are able to force a victim application to
repeatedly send the same data over newly created SSL 3.0 connections.
(CVE-2014-3566)

Additionally, unspecified vulnerabilities also exist in the following
bundled Java components :

- 2D (CVE-2014-6585, CVE-2014-6591)

- Deployment (CVE-2015-0403, CVE-2015-0406)

- Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395,
CVE-2015-0437)

- Installation (CVE-2015-0421)

- JAX-WS (CVE-2015-0412)

- JSSE (CVE-2014-6593)

- Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400)

- RMI (CVE-2015-0408)

- Security (CVE-2015-0410)

- Serviceability (CVE-2015-0413)

- Swing (CVE-2015-0407)

See also :

https://www.vmware.com/security/advisories/VMSA-2015-0003
http://seclists.org/fulldisclosure/2015/Apr/5
http://www.nessus.org/u?c02f1515
http://www.nessus.org/u?12e35b07
http://www.nessus.org/u?726f7054
https://www.imperialviolet.org/2014/10/14/poodle.html
https://www.openssl.org/~bodo/ssl-poodle.pdf
https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00

Solution :

Upgrade to VMware Workspace Portal 2.1.1 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false