This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
NetWitness Platform Product Advisories
Read and subscribe to the latest announcements and advisories relating to the NetWitness Platform.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- NetWitness Community
- Products
- NetWitness Platform
- Advisories
- Product Advisories
- Microprocessor Side-Channel Vulnerabilities (CVE-2018-3639 and CVE-2018-3640): Impact on RSA product...
-
Options
- Subscribe to RSS Feed
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Microprocessor Side-Channel Vulnerabilities (CVE-2018-3639 and CVE-2018-3640): Impact on RSA products
Note 1: It is a software product only. Reported vulnerabilities are best mitigated via firmware and operating system updates. Customers are strongly advised to patch their host systems where the product is installed.
Note 2: To take advantage of these vulnerabilities, an attacker first must be able to run malicious code on the targeted system. The product is designed to prevent users from loading and executing any external and/or untrusted code on the system. The reported issues do not introduce any additional security risk to the product.
Note 3: To take advantage of these vulnerabilities, an attacker first must be able to run malicious code on the targeted system. Access to the product to load external and/or potentially untrusted code is restricted to users with root or root-equivalent privileges only. The reported issues do not introduce any additional security risk to the product, provided the recommended best practices to protect the access of highly privileged account are followed.
Microprocessor Side-Channel Vulnerabilities (CVE-2018-3639 and CVE-2018-3640): Impact on RSA products
Article Number
000036372
CVE ID
000036372
Article Summary
RSA is aware of the side-channel vulnerabilities known as Speculative Store Bypass (CVE-2018-3639) and Rogue System Register Read (CVE-2018-3640) affecting many modern microprocessors that were published by researchers from Microsoft Security Response Center (MSRC) and Google Project Zero on 21 May 2018. An unprivileged attacker with local user access to the system could potentially exploit these vulnerabilities to read privileged memory data. For more information, please review security updates posted by Intel.
RSA is investigating the impact of these issues on our products. We will update this article regularly with impact details and mitigation steps as they become available. Mitigation steps may vary by product and may require updates to processor microcode (BIOS), Operating System (OS), Virtual Machine Manager (VMM), and other software components.
RSA recommends customers follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities until any future updates can be applied. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.
For information on other Dell products, please see http://dell.com/support/speculative-store-bypass.
RSA is investigating the impact of these issues on our products. We will update this article regularly with impact details and mitigation steps as they become available. Mitigation steps may vary by product and may require updates to processor microcode (BIOS), Operating System (OS), Virtual Machine Manager (VMM), and other software components.
RSA recommends customers follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities until any future updates can be applied. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.
For information on other Dell products, please see http://dell.com/support/speculative-store-bypass.
Link to Advisories
- Intel Security Advisory INTEL-SA-00115: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
- Intel Security Microsite: https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html
- ADV180012 - Microsoft Guidance for Speculative Store Bypass for CVE-2018-3639: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180012
- ADV180013 - Microsoft Guidance for Rogue System Register Read for CVE-2018-3640: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180013
- Microsoft Security Research and Defense blog: https://aka.ms/sescsrdssb
- Google Project Zero Blog: https://bugs.chromium.org/p/project-zero/issues/detail?id=1528
Resolution
| RSA Product Name | Versions | Impact Status | Details | Last Updated |
|---|---|---|---|---|
| 3D Secure / Adaptive Authentication eCommerce | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| Access Manager | 6.2 | No direct impact | See Note 1. | 2018-05-21 |
| Adaptive Authentication Cloud | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| Adaptive Authentication Hosted | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| Adaptive Authentication On-Prem | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| Archer Hosted (US) | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| Archer Hosted (EMEA) | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| Archer Platform | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| Archer Security Operations Management (SecOps) | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| Archer Vulnerability & Risk Manager (VRM) - Hardware Appliance | All Supported | No additional security risk | See Note 3. | 2018-05-21 |
| Archer Vulnerability & Risk Manager (VRM) - Virtual Appliance | All Supported | No additional security risk | See Note 3. Customers are strongly advised to patch the virtual host environment where the product is deployed for full protection. | 2018-05-21 |
| Authentication Manager (Hardware Appliance - Dell PowerEdge & Intel platforms) | All Supported | No additional security risk | See Note 3. | 2018-05-21 |
| Authentication Manager (Virtual Appliance) | All Supported | No additional security risk | See Note 3. Customers are strongly advised to patch the virtual host environment where the product is deployed for full protection. | 2018-05-21 |
| Authentication Manager Web Tier | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| BSAFE C Products: MES, Crypto-C ME, SSL-C | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| BSAFE Java Products: Cert-J, Crypto-J, SSL-J | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| Data Loss Prevention (Hardware Appliance) | All Supported | Impacted | Remediation plan in progress. | 2018-05-21 |
| Data Loss Prevention (Virtual Appliance) | All Supported | Impacted | Remediation plan in progress. Customers are strongly advised to patch the virtual host environment where the product is deployed for full protection. | 2018-05-21 |
| Data Protection Manager (Software) | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| Data Protection Manager (Hardware Appliance) | All Supported | Impacted - Remediated | RSA Data Protection Manager 3.5.2.7 contains resolution for this issue. For more details, refer to the security advisory DSA-2018-189. | 2018-10-02 |
| Data Protection Manager (Virtual Appliance) | All Supported | Impacted - Remediated | RSA Data Protection Manager 3.5.2.7 contains resolution for this issue. For more details, refer to the security advisory DSA-2018-189. Customers are strongly advised to patch the virtual host environment where the product is deployed for full protection. | 2018-10-02 |
| DCS: Certificate Manager | 6.9 | No direct impact | See Note 1. | 2018-05-21 |
| DCS: Validation Manager | 3.2 | No direct impact | See Note 1. | 2018-05-21 |
| eFraudNetwork (eFN) | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| enVision | EOL | The product has reached End of Life. Please refer to the Product Version Life Cycle for RSA enVision page on RSA Link. | 2018-05-21 | |
| Federated Identity Manager | 4.2 | No direct impact | See Note 1. | 2018-05-21 |
| FraudAction (OTMS) | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| Identity Governance & Lifecycle (Software), Via Lifecycle & Governance (Software), Identity Management & Governance (Software) | 7.1, 7.0.2, 7.0.1, 7.0, 6.9.1, 6.9.0 | No direct impact | See Note 1. | 2018-05-21 |
| Identity Governance & Lifecycle (Hardware Appliance), Via Lifecycle & Governance (Hardware Appliance), Identity Management & Governance (Hardware Appliance) | 7.1, 7.0.2, 7.0.1, 7.0, 6.9.1, 6.9.0 | Impacted - Remediated | Refer to the security advisory DSA-2018-179 for OS and BIOS updates. Any Remote Agents or Remote AFX deployed in customer environment are a software product only and have no direct impact. See Note 1. | 2018-09-25 |
| Identity Governance & Lifecycle (Virtual Application) | 7.1 | Impacted - Remediated | Refer to the security advisory DSA-2018-179 for OS updates. Customers are strongly advised to patch the virtual host environment where the product is deployed for full protection. Any Remote Agents or Remote AFX deployed in customer environment are a software product only and have no direct impact. See Note 1. | 2018-09-25 |
| Identity Governance & Lifecycle SaaS / MyAccessLive | Under investigation | Any Remote Agents or Remote AFX deployed in customer environment are a software product only and have no direct impact. See Note 1. | 2018-05-21 | |
| NetWitness Endpoint (ECAT) | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| NetWitness Logs & Packets / Security Analytics (Hardware Appliance) | All Supported | No additional security risk | See Note 3. | 2018-05-21 |
| NetWitness Logs & Packets / Security Analytics (Virtual Appliance) | All Supported | No additional security risk | See Note 3. Customers are strongly advised to patch the virtual host environment where the product is deployed for full protection. | 2018-05-21 |
| NetWitness Logs & Packets / Security Analytics - Legacy Windows Collector | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| NetWitness Live Infrastructure | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| RSA Authentication Client (RAC) | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| RSA Central | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| SecurID Access Cloud Service | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| SecurID Access IDR VM | All Supported | No additional security risk | See Note 2. Customers are strongly advised to patch the virtual host environment where the product is deployed for full protection. | 2018-05-21 |
| SecurID Agent for PAM | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Agent for Web | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Agent for Windows | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Authenticate App for Android | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Authenticate App for iOS | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Authenticate App for Windows 10 | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Authentication Engine | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Authentication SDK | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Software Token Converter | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Software Token for Android | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Software Token for Blackberry | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Software Token for Desktop | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Software Token for iPhone | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Software Token for Windows Mobile | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Software Token Toolbar | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Software Token Web SDK | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SecurID Transaction Signing SDK | All Supported | No direct impact | See Note 1. | 2018-05-21 |
| SYN | Current Hosted Environment | No additional security risk | See Note 2. | 2018-05-30 |
| Web Threat Detection | All Supported | No direct impact | See Note 1. | 2018-05-21 |
Note 1: It is a software product only. Reported vulnerabilities are best mitigated via firmware and operating system updates. Customers are strongly advised to patch their host systems where the product is installed.
Note 2: To take advantage of these vulnerabilities, an attacker first must be able to run malicious code on the targeted system. The product is designed to prevent users from loading and executing any external and/or untrusted code on the system. The reported issues do not introduce any additional security risk to the product.
Note 3: To take advantage of these vulnerabilities, an attacker first must be able to run malicious code on the targeted system. Access to the product to load external and/or potentially untrusted code is restricted to users with root or root-equivalent privileges only. The reported issues do not introduce any additional security risk to the product, provided the recommended best practices to protect the access of highly privileged account are followed.
Notes
For information on other Dell products, please see http://dell.com/support/speculative-store-bypass.
No ratings
