This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
umar7
Contributor
‎2023-01-26 05:52 PM
Jump to solution

lucky13 vulnerability

502107707 SSL/TLS Strength connects.lionglobalinvestors.com connects.lionglobalinvestors.com Lucky Thirteen Vulnerability 05/23/2022 01/11/2023 SSL-033 Failed lucky13 vulnerability found. potentially vulnerable, uses TLS CBC ciphers Low 2.3 Active The Lucky Thirteen attack is a cryptographic timing attack against implementations of the Transport Layer Security (TLS) protocol that use the CBC mode of operation. OpenSSL, NSS, GnuTLS, yaSSL, PolarSSL, Opera, and BouncyCastle have released patches to protect TLS in CBC-mode against our attacks. Apply the corresponding patch which can be found at http://www.isg.rhul.ac.uk/tls/Lucky13.html "https://en.wikipedia.org/wiki/Lucky_Thirteen_attack https://arstechnica.com/information-technology/2013/02/lucky-thirteen-attack-snarfs-cookies-protecte... http://www.isg.rhul.ac.uk/tls/Lucky13.html" Very High

 

hello team i have attached the below vulnerability i need to mitigate this but i know how to solve the first TLS vulneraility i dont know the lucky13 vulnerability kindly can anyone help me to get solve this issue .it would be very helpful.

Preview file
10 KB
0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2023-01-27 05:18 AM
In response to umar7
Jump to solution

Refer to the following SK, which has an official statement on CVE-2013-0169: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
If you need more details, please consult with the TAC.

View solution in original post

9 Replies
the_rock
Legend
Legend
‎2023-01-26 06:02 PM
Jump to solution

I tried opening the file attached, but no matter how big I make it, cant see anything, sorry : (. Can you try attach it as normal screenshot?

0 Kudos
umar7
Contributor
‎2023-01-26 06:46 PM
In response to the_rock
Jump to solution

 
Preview file
7 KB
Preview file
5 KB
Preview file
15 KB
0 Kudos
the_rock
Legend
Legend
‎2023-01-26 07:20 PM
In response to umar7
Jump to solution

Is there CVE for it? I cant find much in inspection settings or IPS protections.

0 Kudos
umar7
Contributor
‎2023-01-26 09:38 PM
In response to the_rock
Jump to solution

CVE - 2013-0169

0 Kudos
PhoneBoy
Admin
Admin
‎2023-01-26 07:49 PM
Jump to solution

Are you trying to mitigate a found vulnerability on a Check Point device? (If so, what version/JHF level)
Or are you trying to mitigate a found vulnerability on a website protected by a Check Point firewall running Threat Prevention?

In any case, it doesn't seem like a high-severity vulnerability since attackers generally need to be located on the same LAN they are attacking to launch a successful attack.
See: https://crashtest-security.com/prevent-ssl-lucky13/ 

0 Kudos
umar7
Contributor
‎2023-01-26 09:25 PM
In response to PhoneBoy
Jump to solution

 
Preview file
1 KB
Preview file
1 KB
0 Kudos
PhoneBoy
Admin
Admin
‎2023-01-27 05:18 AM
In response to umar7
Jump to solution

Refer to the following SK, which has an official statement on CVE-2013-0169: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
If you need more details, please consult with the TAC.

the_rock
Legend
Legend
‎2023-01-27 06:05 AM
In response to umar7
Jump to solution

To add to what phoneboy said, based on below does not appear its really a vulnerability to be overly concerned about:

https://nvd.nist.gov/vuln/detail/cve-2013-0169

Andy

0 Kudos
G_W_Albrecht
Legend
Legend
‎2023-02-08 05:26 AM
Jump to solution

So what was the final decision here and what was done ?

CCSE CCTE CCSM SMB Specialist
0 Kudos