TLS/SSL Ciphersuite Name Reporting Improvements
Change
The way TLS/SSL ciphersuites are reported by Tenable products is changing. The changes will add information to the output to help customers match our ciphersuite names to other naming conventions, and expand and correct coverage of available ciphersuites.
Currently, our reports consist of one line per ciphersuite, formatted as column-spaced name/value pairs:
To improve normalization, the IANA ciphersuite code will be added to each reported cipher. This is the most consistent identifier for ciphersuites across products. It can be used to look up the OpenSSL, IANA, NSA or IETF name of a ciphersuite.
Additionally, ciphersuite names will be expanded and corrected. Some ciphersuites, such as those with AES-CCM encryption, will be given names rather than “N/A”. Other ciphersuite names that lacked bit strength or described a ciphersuite with NULL encryption will be corrected.
The new output for the previous report:
Impact
TLS/SSL ciphersuite reporting occurs in several plugins. If you perform post-processing of plugin output that depends on the formatting of these reports, you may need to adjust that process. In a few rare cases you may see ciphersuites reported as having NULL strength when previously they were categorized as “High Strength”. In other cases, you may see a Tenable ciphersuite name where in previous reports you would see “N/A”.
In the legend for a ciphersuite report, ciphersuite names are correctly attributed as “Tenable” names rather than OpenSSL names.
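The following is an added example, not Tenable's code or actual plugin output: post-processing that keys on the two-byte IANA code instead of the ciphersuite name, so renamed or previously unnamed suites still match. The scanner line layout and scanner names are constructed assumptions; the second sample is constructed in the style of `openssl ciphers -V` output.

```python
import re

# Matches a two-byte IANA code written as "0xC0, 0x2F" or "0xC0,0x2F".
CODE_RE = re.compile(r"0x([0-9A-Fa-f]{2}),\s*0x([0-9A-Fa-f]{2})")

# Constructed scanner lines; layout and names are assumptions for this example.
SCANNER_REPORT = """\
Name                 Code          Encryption
SCANNER-AESGCM-A     0xC0, 0x2F    AES-GCM(128)
n/a                  0xC0, 0x9C    AES-CCM(128)
SCANNER-NULL-B       0x00, 0x3B    None
SCANNER-UNKNOWN      0xFF, 0x85    ?
"""

# Constructed lines in the style of `openssl ciphers -V`.
OPENSSL_V = """\
0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
0xC0,0x9C - AES128-CCM TLSv1.2 Kx=RSA Au=RSA Enc=AESCCM(128) Mac=AEAD
0x00,0x3B - NULL-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=None Mac=SHA256
"""

def iana_code(line):
    """Return the IANA code found in a line as an int, or None if absent."""
    m = CODE_RE.search(line)
    return int(m.group(1) + m.group(2), 16) if m else None

def parse_openssl(text):
    """Map IANA code -> (OpenSSL name, Enc= value)."""
    table = {}
    for line in text.splitlines():
        code = iana_code(line)
        if code is None:
            continue
        fields = line.split(" - ", 1)[1].split()
        enc = next((f[4:] for f in fields if f.startswith("Enc=")), None)
        table[code] = (fields[0], enc)
    return table

def normalize(report, openssl_table):
    """Re-key scanner lines by IANA code; flag NULL encryption and unknown codes."""
    rows = []
    for line in report.splitlines():
        code = iana_code(line)
        if code is None:  # header, legend or blank line
            continue
        openssl_name, enc = openssl_table.get(code, (None, None))
        rows.append({"code": f"0x{code:04X}", "scanner_name": line.split()[0],
                     "openssl_name": openssl_name, "null_encryption": enc == "None"})
    return rows
```

Rows whose `openssl_name` is `None` carry a code missing from the reference listing and are worth reviewing by hand rather than dropping.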
Plugins
133306 Microsoft Remote Desktop Gateway Multiple RCE Vulnerabilities
63643 MS13-006: Vulnerability in Microsoft Windows Could Allow Security Feature Bypass
79638 MS14-066: Vulnerability in Schannel Could Allow Remote Code Execution
60016 Vulnerability in TLS Could Allow Information Disclosure
80035 TLS Padding Oracle Information Disclosure Vulnerability
97191 F5 TLS Session Ticket Implementation Remote Memory Disclosure
91572 OpenSSL AES-NI Padding Oracle MitM Information Disclosure
58751 SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
105415 Return Of Bleichenbacher's Oracle Threat (ROBOT) Information Disclosure
21643 SSL Cipher Suites Supported
77200 OpenSSL 'ChangeCipherSpec' MiTM Vulnerability
31705 SSL Anonymous Cipher Suites Supported
Target Release Date
6 April 2020
__________________________________
Tenable Research Release Highlights are posted in advance of significant new releases or updates to existing plugins or audit files that are important for early customer notification.