Background
VMware Access Point is a virtual appliance used by several End-User Computing products to support remote access from the Internet into applications and virtual desktops running in corporate data centres or in the cloud. It is a security appliance used to protect this form of access. You can read more details of this here Technical Introduction to Access Point for Secure Remote Access - VMware End-User Computing Blog - VMware Blogs
Access Point allows very precise configuration of SSL and TLS settings to allow customers to use exactly the right versions of SSL/TLS and use a very specific set of encryption cyphers to balance the needs of support for older End-User Computing clients with the need to use the most up-to-date algorithms. By default, the set of SSL/TLS protocols and cyphers are considered strong at the time of Access Point release, but if a security vulnerability is detected, these settings can be altered by the administrator to remove support for the vulnerable protocol or cipher. When the SSL 3.0 POODLE attack vulnerability was identified in 2014, administrators disabled SSL 3.0 on all SSL terminating servers in order to protect against POODLE. Similarly, a cipher such as TLS_RSA_WITH_RC4_128_SHA is required by certain older Java versions and by Microsoft Windows XP, but since 2015 is now considered to be weak. Administrators are advised to remove this cipher if support for these older clients is no longer needed.
The DROWN attack vulnerability
In March 2016, the DROWN vulnerability was identified. Refer to https://blog.qualys.com/securitylabs/2016/03/04/ssl-labs-drown-test-implementation-details
This is a vulnerability with SSL 2.0.
If DROWN is only an SSL 2.0 vulnerability how can Access Point be affected?
This is exactly the question I had! When I originally read about this vulnerability, I wasn't concerned as Access Point has SSL 2.0 disabled by default. It also has SSL 3.0 and TLS 1.0 disabled.
I then worked with a VMware customer who reported to us that Access Point had this vulnerability and what could they do to protect against it.
Their Qualys SSL Labs scan against Access Point showed the following report.
My first step was to look at the SSL/TLS protocol list configured on Access Point. As expected SSL 2.0, SSL 3.0 and TLS 1.0 were all disabled. Just TLS 1.1 and TLS 1.2 were enabled. The Qualys SSL scan report showed what the problem was. Even though Access Point was set up securely, the customer had another unrelated email Web Server on their network exposed to the Internet that still had SSL 2.0 enabled. It also turned out that the customer had used the same wildcard SSL/TLS server certificate on this vulnerable email server as on the Access Point appliances. An attacker can therefore exploit the DROWN attack via this vulnerable email server even though SSL 2.0 is disabled on Access Point.
Practical steps to avoid this vulnerability
There are really only two options:
- The most important thing to do is to regularly scan Internet facing servers using a respected SSL/TLS scanner such as the scanner from Qualys SSL Labs. This will highlight these vulnerabilities. SSL 2.0 should definitely be disabled. SSL 3.0 and TLS 1.0 should also be disabled unless there is a very good reason to keep them enabled to support old client systems.
- This vulnerability has also highlighted the benefit of using separate SSL/TLS certificates for different systems exposed to the Internet. Instead of using a certificate with *.myco.com for all services, consider dividing these into specific certificates with say horizon.myco.com and email.myco.com. This way, any future vulnerability of this nature with the email servers will then not affect other correctly configured servers on the network.
This particular customer tightened up the configuration of their email servers to disable SSL 2.0 and a rescan of Access Point confirmed that they were no longer vulnerable. No changes were needed on Access Point.