RSA-to-EXPORT_RSA "Freak" Downgrade Attacks ( CVE-2015-0204 )

Article ID: SEC0004

Until the late 1990s, United States export regulations classified encryption as either strong (in the SSL context, RSA key exchange with keys longer than 512 bits) or export-grade (RSA keys of at most 512 bits, paired with 40- or 56-bit symmetric ciphers). A 512-bit RSA modulus can be factored with modest computing resources, so an export-grade key exchange offers no meaningful protection today.

In theory, when a TLS connection is established, the strongest cipher suite that both sides support is negotiated. The downgrade vulnerability in OpenSSL clients (CVE-2015-0204, known as the "Freak" attack) allows a man-in-the-middle attacker to interfere with that negotiation: the attacker rewrites the client's offered cipher suites so that the server selects an RSA_EXPORT suite and sends a 512-bit RSA key in its ServerKeyExchange message, then rewrites the ServerHello so the client believes it negotiated a strong RSA suite. A vulnerable client accepts the 512-bit key even though it is not valid for the suite it thinks it negotiated, and encrypts the premaster secret with it. Because the 512-bit modulus can be factored, the attacker recovers the premaster secret and with it the session keys, so the connection is effectively decrypted.

A Freak attack is only possible if (a) the client's TLS implementation is vulnerable and (b) the server still supports RSA_EXPORT cipher suites. Export-grade suites have been deprecated for many years, although at the time of disclosure a sizeable minority of public HTTPS servers still offered them, so the server side should be verified rather than assumed. CommVault's server software uses a strong cipher suite only, with no option for negotiation or downgrade. As such, CommVault's encrypted communication, as provided, is not susceptible to Freak attacks.
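As an added example, not code from CommVault or from the original article, the following Python script implements the two checks that conditions (a) and (b) above call for: a server-side probe that offers only RSA_EXPORT cipher suites and parses the ServerHello or alert that comes back (condition (b)), and the client-side consistency check whose absence in OpenSSL is CVE-2015-0204 (condition (a)). The cipher suite code points are the registered TLS values; the sample ServerHello and alert bytes are constructed here for offline use and were not captured from any real server.

```python
import socket
import struct

# RSA_EXPORT cipher suites from the TLS cipher suite registry (IANA code points).
RSA_EXPORT_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    0x0062: "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",
    0x0064: "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA",
}

HANDSHAKE, ALERT = 0x16, 0x15          # TLS record content types
CLIENT_HELLO, SERVER_HELLO = 0x01, 0x02
TLS_1_0 = b"\x03\x01"


def build_client_hello(suites):
    """TLS 1.0 ClientHello offering only the given cipher suites (no extensions).

    The client random is a fixed placeholder: this probe never completes a
    handshake, it only needs to see how the server answers the offer."""
    body = TLS_1_0 + b"\x00" * 32                      # client_version + random
    body += b"\x00"                                    # empty session_id
    suite_bytes = b"".join(struct.pack("!H", s) for s in suites)
    body += struct.pack("!H", len(suite_bytes)) + suite_bytes
    body += b"\x01\x00"                                # compression: null only
    hs = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE]) + TLS_1_0 + struct.pack("!H", len(hs)) + hs


def parse_server_response(record):
    """Classify the first TLS record the server sends back.

    Returns ("accepted", suite) when the server picked one of the offered
    suites in a ServerHello, or ("refused", alert_description) for an alert
    (40 = handshake_failure, the answer a server without export suites gives)."""
    if len(record) < 5:
        raise ValueError("truncated TLS record")
    ctype, rec_len = record[0], struct.unpack("!H", record[3:5])[0]
    payload = record[5:5 + rec_len]
    if ctype == ALERT and len(payload) >= 2:
        return ("refused", payload[1])
    if ctype != HANDSHAKE or not payload or payload[0] != SERVER_HELLO:
        raise ValueError("unexpected record type 0x%02x" % ctype)
    # ServerHello: 4-byte handshake header, version(2), random(32),
    # session_id_len(1), session_id, cipher_suite(2), compression(1)
    pos = 4 + 2 + 32
    pos += 1 + payload[pos]
    return ("accepted", struct.unpack("!H", payload[pos:pos + 2])[0])


def client_accepts_server_key_exchange(negotiated_suite, rsa_params_present):
    """The consistency check a non-vulnerable client makes.

    An RSA ServerKeyExchange (a temporary RSA key) is only legitimate when the
    negotiated suite is an RSA_EXPORT suite. Accepting it for a strong RSA
    suite is the client bug described by CVE-2015-0204; it is what lets a
    man-in-the-middle substitute a factorable 512-bit key."""
    if not rsa_params_present:
        return True
    return negotiated_suite in RSA_EXPORT_SUITES


def _recv_record(sock):
    """Read exactly one TLS record (5-byte header plus body) from the socket."""
    header = b""
    while len(header) < 5:
        chunk = sock.recv(5 - len(header))
        if not chunk:
            raise ConnectionError("connection closed before a TLS record arrived")
        header += chunk
    need, body = struct.unpack("!H", header[3:5])[0], b""
    while len(body) < need:
        chunk = sock.recv(need - len(body))
        if not chunk:
            raise ConnectionError("connection closed mid-record")
        body += chunk
    return header + body


def probe(host, port=443, timeout=5.0):
    """Offer only RSA_EXPORT suites to a live server and report its answer."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello(sorted(RSA_EXPORT_SUITES)))
        return parse_server_response(_recv_record(sock))


# Constructed sample responses (not captured from a real server) so the
# parser can be exercised offline.
def sample_server_hello(suite):
    body = TLS_1_0 + b"\x11" * 32 + b"\x00" + struct.pack("!H", suite) + b"\x00"
    hs = bytes([SERVER_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE]) + TLS_1_0 + struct.pack("!H", len(hs)) + hs

SAMPLE_HANDSHAKE_FAILURE = bytes([ALERT]) + TLS_1_0 + b"\x00\x02" + b"\x02\x28"


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        verdict, detail = probe(sys.argv[1])
    else:
        verdict, detail = parse_server_response(sample_server_hello(0x0003))
    if verdict == "accepted":
        print("server offers export suite %s" % RSA_EXPORT_SUITES.get(detail, hex(detail)))
    else:
        print("server refused export suites (alert %d)" % detail)
```

Run the script with a hostname to test a live server; a server with no export suites answers with a handshake_failure alert (40) or simply closes the connection, and either outcome means condition (b) is not met. The probe speaks the handshake directly because OpenSSL builds from 1.1.0 onward no longer contain export suites at all, so `openssl s_client -cipher EXPORT` cannot be used for this check on current systems.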

CommVault does use the Apache Tomcat web server to host the Web Console. If Tomcat is configured to use SSL as documented, it uses the Java (JSSE) TLS implementation rather than OpenSSL, which Tomcat only uses through its APR/native connector, so the OpenSSL client bug does not apply. As a check, confirm that the connector's configured cipher list contains no EXPORT suites, since the server-side condition is independent of which TLS library is in use.

For more information on the Freak vulnerability, see the National Vulnerability Database entry for CVE-2015-0204 (https://nvd.nist.gov/vuln/detail/CVE-2015-0204).