Cisco Bug: CSCta04885 - CSS May omit headers when processing client certificates
Feb 22, 2017
- Cisco CSS 11000 Series Content Services Switches
Known Affected Releases
Symptom: An issue in the validation of HTTP requests was reported by researcher George D. Gal of Virtual Security Research LLC. This is documented in the following IntelliShield alert:
* http://tools.cisco.com/security/center/viewAlert.x?alertId=20808

Conditions: The CSS will only insert client certificate header information when an HTTP header terminator uses carriage return/line feed (CRLF) as per RFC 2612. Some web servers may, however, allow various permutations of this end-of-line terminator. If an unrecognized end-of-line terminator is detected, client certificate header information insertion may fail.
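One way to close the gap described under Conditions is to have the web server, or a filter in front of it, refuse any request head that does not use CRLF exclusively, so that the server and the CSS agree on where the headers end. The Python check below is an added example, not Cisco code; the function names and sample requests are constructed for illustration, and it assumes the buffer already holds the complete request head.

```python
import re

# A CR not followed by LF, or an LF not preceded by CR, is a non-CRLF line break.
_BARE_CR = re.compile(rb"\r(?!\n)")
_BARE_LF = re.compile(rb"(?<!\r)\n")
_STRICT_END = b"\r\n\r\n"


def split_head(raw: bytes):
    """Return (head, terminated), honouring only the strict CRLF CRLF terminator."""
    idx = raw.find(_STRICT_END)
    if idx == -1:
        # No strict terminator: treat the whole buffer as suspect header data.
        return raw, False
    return raw[: idx + len(_STRICT_END)], True


def audit_request_head(raw: bytes) -> list[str]:
    """List every way the request head deviates from CRLF-only line endings."""
    findings = []
    head, terminated = split_head(raw)
    if not terminated:
        findings.append("no CRLF CRLF header terminator")
    if _BARE_LF.search(head):
        findings.append("bare LF line ending")
    if _BARE_CR.search(head):
        findings.append("bare CR line ending")
    return findings


def accept_request(raw: bytes) -> bool:
    """Accept only heads that a strict CRLF parser sees in full."""
    return not audit_request_head(raw)


# Constructed sample requests (not captured traffic).
SAMPLES = {
    "crlf_only": b"GET / HTTP/1.1\r\nHost: app.example\r\n\r\nbody\nwith\nLF",
    "lf_only": b"GET / HTTP/1.1\nHost: app.example\n\n",
    "mixed": b"GET / HTTP/1.1\r\nHost: app.example\n\r\n",
    "cr_only": b"GET / HTTP/1.1\rHost: app.example\r\r",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, accept_request(raw), audit_request_head(raw))
```

Only the head is inspected, so a message body that legitimately contains bare LF characters does not cause a rejection.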