Guest

Preview Tool

Cisco Bug: CSCun01941 - Passive cert scan fails for large certs in some cases

Last Modified

Apr 30, 2014

Products (1)

  • Cisco ASA Next-Generation Firewall Services

Known Affected Releases

9.1(3.0.8)

Description (partial)

Symptom:
When CX is not decrypting a TLS flow, some server certificates are not scanned correctly.

Conditions:
First sever segment contains ServerHello and subsequent tcp segments contain Certificate message and certificate is large enough to span across multiple tcp segments.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.