Security Alert (A15-04-03): Vulnerability in IBM Lotus Notes and Domino

Description:

IBM has published a security bulletin to address a vulnerability related to Factoring Attack on RSA-EXPORT Keys (FREAK) problem in TLS/SSL used in IBM Java in Notes and Domino. It allows attackers to intercept HTTPS connections between vulnerable clients and servers and force them to use weaker or "export-grade" cryptography, which can be easily decrypted to steal or manipulate sensitive data.

Affected Systems:

• IBM Notes and Domino 9.0.1 Fix Pack 3 (plus Interim Fixes) and earlier
• IBM Notes and Domino 8.5.3 Fix Pack 6 (plus Interim Fixes) and earlier
• IBM Notes and Domino 8.5.3 Fix Pack 5 (plus Interim Fixes) and earlier
• All 9.0 and 8.5.x releases of IBM Notes and Domino prior to those listed above.

Impact:

Successful exploitation could lead to man-in-the-middle (MITM) attack and retrieval of sensitive information, even over encrypted SSL connections.

Recommendation:

The vendor has released fixes to address the issue and they can be downloaded at the following URL:

• Installers for the standalone Java patches for IBM Lotus Notes and Domino 9.0.1 Fix Pack 3, IBM Notes and Domino 8.5.3 Fix Packs 5 and 6
  http://www-01.ibm.com/support/docview.wss?uid=swg21701319

More Information:

http://www-01.ibm.com/support/docview.wss?uid=swg21701319
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0138