Security breach found on the Fortigate firewall, how to resolve?

This is using Fortigate 200B firewall, with firmware version v5.0.12. However, my security team did a scan and found the following CVE summary:

SSL/TLS use of weak RC4 cipher port 10443/tcp over SSL CVSS: 3.7 Active
QID: 38601 CVSS Base: 4.3
Category: General remote services CVSS Temporal: 3.7
CVE ID: CVE-2013-2566
Vendor Reference: -
Bugtraq ID: -
Service Modified: 05/04/2015
User Modified: -
Edited: No
PCI Vuln: No
Ticket State:
First Detected: 04/04/2015 at 14:05:08 (GMT+0200) Last Detected: 07/04/2015 at 13:00:09 (GMT+0200) Times Detected: 2
CVSS Environment:
Asset Group:
Collateral Damage Potential: Not Defined
Target Distribution: Not Defined
Confidentiality Requirement: Not Defined
Integrity Requirement: Not Defined
Availability Requirement: Not Defined
THREAT:
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS ) protocols provide integrity, confidentiality and authenticity services to other
protocols that lack these features.
SSL/TLS protocols use ciphers such as AES,DES, 3DES and RC4 to encrypt the content of the higher layer protocols and thus provide the
confidentiality service. Normally the output of an encryption process is a sequence of random looking bytes. It was known that RC4 output has some
bias in the output. Recently a group of researches has discovered that the there is a stronger bias in RC4, which make statistical analysis of
ciphertext more practical.
The described attack is to inject a malicious javascript into the victim's browser that would ensure that there are multiple connections being
established with a target website and the same HTTP cookie is sent multiple times to the website in encrypted form. This provides the attacker a
large set of ciphertext samples, that can be used for statistical analysis.
NOTE: On 3/12/15 NVD changed the CVSS v2 access complicity from high to medium. As a result Qualys revised the CVSS score to 4.3
immediately. On 5/4/15 Qualys is also revising the severity to level 3.
IMPACT:
If this attack is carried out and an HTTP cookie is recovered, then the attacker can then use the cookie to impersonate the user whose cookie was
recovered.
This attack is not very practical as it requires the attacker to have access to millions of samples of ciphertext, but there are certain assumptions that
an attacker can make to improve the chances of recovering the cleartext from cihpertext. For examples HTTP cookies are either base64 encoded or
hex digits. This information can help the attacker in their efforts to recover the cookie.
SOLUTION:
RC4 should not be used where possible. One reason that RC4 was still being used was BEAST and Lucky13 attacks against CBC mode ciphers in
SSL and TLS. However, TLSv 1.2 or later address these issues.
COMPLIANCE:
Not Applicable
EXPLOITABILITY:
There is no exploitability information for this vulnerability.
ASSOCIATED MALWARE:
There is no malware information for this vulnerability.
Sinagpore - Veolia ES page 28
RESULTS:
CIPHER KEY-EXCHANGE AUTHENTICATION MAC ENCRYPTION(KEY-STRENGTH) GRADE
TLSv1.1 WITH RC4 CIPHERs IS SUPPORTED
RC4-MD5 RSA RSA MD5 RC4(128) MEDIUM
RC4-SHA RSA RSA SHA1 RC4(128) MEDIUM
TLSv1.2 WITH RC4 CIPHERs IS SUPPORTED
RC4-MD5 RSA RSA MD5 RC4(128) MEDIUM
RC4-SHA RSA RSA SHA1 RC4(128) MEDIUM
4 SSH Protocol Version 1 Supported

It looks like the SSLVPN is using weak RC4 Cipher, what should I do to resolve it?

thanks,
LVL 1
MichaelBalackAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Sean JacksonInformation Security AnalystCommented:
So you should disallow weak ciphers, eliminate everything prior to TLS 1.1, and close port 10443.
MichaelBalackAuthor Commented:
Hi Sean,

The port 10443 is used for the SSL VPN, shall I change it to 443?
Sean JacksonInformation Security AnalystCommented:
I would first eliminate weak ciphers, make sure you're using TLS 1.1 and 1.2 only, and rescan. If the problem is mitigated, you're fine.
SolarWinds® IP Control Bundle (IPCB)

Combines SolarWinds IP Address Manager and User Device Tracker to help detect IP conflicts, quickly identify affected systems, and help your team take near instantaneous action. Help improve visibility and enhance reliability with SolarWinds IP Control Bundle.

MichaelBalackAuthor Commented:
Hi Sean,

Btw, how to eliminate weak ciphers, and only allow using TLS 1.1 & 1.2 only. I assume TLS 1.0 is disabled.
gheistCommented:
Current fortigate firmware is 5.2
Please upgrade and have modern version of SSL that disables DES, RC4 and SSLv3
btanExec ConsultantCommented:
this requires disabling of RC4 and SSLv3 whch are known to be flawed
Configuring SSL VPN security
The SSL VPN configuration includes a choice of encryption algorithm. You can only configure encryption key algorithms for SSL VPN in the CLI:

config vpn ssl settings
set algorithm <low/medium/high>
end

The default option of Medium at RC4 (128 bits) is acceptable, but the High option, AES (128/256 bits) and 3DES is more secure. The Low option, RC4 (64 bits), DES and higher does not meet PCI DSS requirements.
http://help.fortinet.com/fos50hlp/52data/index.htm#FortiOS/fortigate-compliance-52/PCI-DSS.htm#Configuring_FortiGate_units_for_PCI_DSS_compliance%3FTocPath%3DChapter%25207%2520-%2520Compliance%7CConfiguring%2520FortiGate%2520units%2520for%2520PCI%2520DSS%2520compliance%7CConfiguring%2520FortiGate%2520units%2520for%2520PCI%2520DSS%2520compliance%7C_____0
More setting in http://docs-legacy.fortinet.com/fgt/handbook/cli_html/index.html#page/FortiOS%205.0%20CLI/config_vpn.27.18.html

Also to note to close up the BEAST vulnerability
http://kb.fortinet.com/kb/documentLink.do?externalID=FD34165
gheistCommented:
Why you mention PCI-DSS? The requirement is to get rid of outdated encryption, not FIPS, or DSS
btanExec ConsultantCommented:
PCI DSS (Payment Card Industry Data Security Standard) is another compliance standard, having RC4 64 in fortigate make it non-compliance e.g.
The SSL VPN configuration includes a choice of encryption algorithm. Go to VPN > SSL > Config. The Default selection, RC4 (128 bits) is acceptable, but the High option, AES (128/256 bits) and 3DES is more secure. The Low option, RC4 (64 bits), DES and higher does not meet PCI DSS requirements.
FIPS has nothing to do with PCI-DSS compliance. And PCI compliance is not FIPS. FIPS is about cryptology checks and requirements, where as PCI-DSS is about systems protection for cardholder data.

The whole effort is to harden the FG to best functionally at optimal state and of course FIPS is possible too http://socpuppet.blogspot.sg/2014/09/hardening-your-fortigate-firewall-by.html

the whole effort can be verified to check if the CVE still is flagged per se. The scanner like ssltest also take the compliance standard as reference too.
gheistCommented:
Yes, but how it relates to initial question?
btanExec ConsultantCommented:
more alluding to the use of RC4 in case we have compliance in mind since the author go for such "check up" - those scanner uses internal compliance checklist practices to match against the target. Of course I may went beyond the topic but overall the objective is to disable RC4 if possible.
MichaelBalackAuthor Commented:
Hi Btan,

Let's me check whether the RC4 option can be unticked.
gheistCommented:
Upgrade and RC4 will disappear.
btanExec ConsultantCommented:
Also as mebtiined previously harden your Fortinet to ensure the proper crypto algorithms and services are enabled/disabled. The RC4 is abled in this case.

config system global
    set strong-crypto enable
end
config vpn ssl settings
    set sslv3 disable
    set algorithm high
end

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MichaelBalackAuthor Commented:
Sorry for being delay.

Thanks for btan, his suggestions on the commands on VPN SSL Settings are excellent as RC4 is disabled to stop the security breach. By applying the commands as suggested, my security audit is passed.
btanExec ConsultantCommented:
Thanks for sharing
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.