Through emPSN’s registrations with various security partners we receive information around the IP addresses on the emPSN network, including potential vulnerabilities. Third Party vulnerability data is taken from public reference sources, supplied on an as is basis. Data should be used to confirm and check the posture of the equipment running within your network.
HTTP – Hypertext Transfer Protocol.
Is used explicitly for HTTPS services and hence is the standard port for encrypted HTTP traffic. It is also called HTTPS port 443, allowing secured communications which run through TCP port 443.
What does HTTPS Protect? HTTPS secures your data communications between client and server with encryption and to ensure that your traffic cannot read or access the conversation.
Port 443 Vulnerabilities
The Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols have had their share of flaws like every other technology. The following are major vulnerabilities in TLS/SSL protocols. They all affect older versions of the protocol (TLSv1.2 and older). At the time of publication, only one major vulnerability was found that affects TLS 1.3. However, like many other attacks listed here, this vulnerability is also based on a forced downgrade attack.
Recommended Actions:
We continue to see customers using outdated or mis configured web server technologies leaving them open to abuse from users on the Internet, we recommend customers maintain up to date, patched, hardened and checked resources which are used to service users on the Internet. You could be vulnerable to the following vulnerabilities without even knowing it:
- Heartbleed (CVE-2014-0160)
- CCS (CVE-2014-0224)
- Secure Renegotiation (CVE-2009-3555)
- CRIME, TLS (CVE-2012-4929)
- BREACH (CVE-2013-3587)
- POODLE, SSL (CVE-2014-3566)
- FREAK (CVE-2015-0204)
- DROWN (2016-0800, CVE-2016-0703)
- LOGJAM (CVE-2015-4000)
- BEAST (CVE-2011-3389)
- RC4 (CVE-2013-2566, CVE-2015-2808)
The empsn Firewall where configured will allow external users to access your resources on the HTTPS TCP 443 port, it is the responsibility of the customer organisation to maintain the posture and security of the hosted server or device.
Questions:
If you have any questions or concerns about this advisory, please contact us via our support desk – support@empsn.org.uk
References:
- See attached link for vulnerability examples via Acunetix:
- NCSC is also a useful site and the latest threats can be found via their website:
- CVE.mitre.org is also another useful site and by searching their “CVE list” and typing in the Vulnerability they can help identify and mitigate the issue:
- Drown – DROWN SSL/TLS Vulnerability – emPSN