We did a security scan on our Cisco Expressway-E (version X8.9.1) and found that it is vulnerable to Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32) port 5061/tcp over SSL.
The threat indicates that: "Legacy block ciphers having block size of 64 bits are vulnerable to a practical collision attack when used in CBC mode.
All versions of SSL/TLS protocol support cipher suites which use DES, 3DES, IDEA or RC2 as the symmetric encryption cipher are affected."
Is there any way we can find out the cipher used for the TLS implementation? Is it documented somewhere?
Is there any fix for this vulnerability for Expressway?
This has been fixed in some release quite some time ago, right now I don't recall the exact version. The version you're on is quite old. Recommendation would be to upgrade to one of the latest, either 12.5.6 or 12.5.7.
Thanks for the information.
Can you please let me know the cipher used in version X8.9.1 and whether it is documented somewhere?
I'm afraid that would be information I don't have. If you really need to know this I would recommend you to reach out to TAC. As stated before by me and others replying to this thread your version is outdated and it would be advisable to upgrade.
In order to chechk the configured ciphres on your server, from the CLI using admin credintals " xconfiguration // cipher".
The output there will show you all the configured ciphers.
+ Also, the Vulnerability identified: CVE-2016-2183, is addressed in: CSCvb49322 and it is fixed in x8.9.
For example, to set the current Cisco VCS/ EXP default suite, use: xConfiguration SIP TLS CipherSuite: ALL:!EXP:!LOW:!MD5:@STRENGTH:+ADH
xConfiguration SIP TLS CipherSuite: "ALL:!EXP:!LOW:!MD5:!3DES:!RC4:@STRENGTH:+ADH"
xConfiguration SIP TLS CipherSuite: "ALL:!EXP:!LOW:!MD5:!3DES:@STRENGTH:+ADH"
So if you only want to disable DES or even DES:
xConfiguration SIP TLS CipherSuite: "ALL:!EXP:!LOW:!MD5:!3DES:DES:@STRENGTH:+ADH"
All encryption methods use common algorithms. Security comes from the key, a number which is passed to the algorithm to tell it how to encrypt the data. A commonly employed communications encryption method is the "Data Encryption Standard" (DES). DES works by encrypting data with a 56-bit long key. Triple DES (3DES) is an enhancement to DES that effectively runs 112-bit long keys. So when a device by design supports any of these from above scanners will detect they support one or a few of the low considered methods (by not being 128 bits long) and will normally trigger the recommendation for these not to be used, of course the systems also support strong methods longer than 128 bits as well.
The command shows the ciphers you can disable or tell the VCS to use, If you desire the order to be by strongest cipher instead, you can use the @STRENGTH keyword. As for the format of the list itself, the cipher strings should be separated by colons and can feature the accepted cipher strings and these formatting options:
* "!" - These ciphers are permanently deleted from the list and cannot reappear in the list even if explicitly stated.
* "-" - These ciphers are deleted from the list but can be re-added by later options
* "+" - These ciphers are moved to the end of the list.
Please remember to rate responses and to mark your question as answered if appropriate.