Cisco Bug: CSCur26436 - Nexus 7000 & MDS 9000 evaluation of SSLv3 vulnerability (POODLE)

Last Modified

May 28, 2020

Products (8)

  • Cisco Nexus 7000 Series Switches
  • Cisco Nexus 7000 10-Slot Switch
  • Cisco Nexus 7000 4-Slot Switch
  • Cisco Nexus 7700 6-Slot Switch
  • Cisco Nexus 7000 18-Slot Switch
  • Cisco Nexus 7700 18-Slot Switch
  • Cisco Nexus 7000 9-Slot Switch
  • Cisco Nexus 7700 10-Slot Switch

Known Affected Releases

6.2(7) 6.2(8)

Description (partial)

Symptom:
Nexus 7000 and MDS 9000 switches include a version of SSL that is affected by the vulnerability identified by the Common Vulnerabilities and Exposures (CVE) ID:

CVE-2014-3566

Conditions:
A POODLE exploit requires a man-in-the-middle attack between the switch (the LDAP client utilising the SSL client) and the LDAP server. Nexus 7000 and MDS 9000 both contain an SSL client with SSLv3 support. The client supports fallback to SSLv3 if negotiation with TLS 1.0 fails.

The LDAP SSL feature may be configured to utilise this client. This feature is disabled by default. Hence, this vulnerability only exists if the LDAP feature is enabled.
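
The fallback described under Conditions can be watched for on the path between the switch and the LDAP server. The following is an added example, not Cisco's code or part of the bug record: it parses ClientHello records and flags an SSLv3 hello, marking the ones that follow a TLS hello on the same flow. The addresses, port 636, the 10-second window and all function names are assumptions, and the records are constructed.

```python
import struct

SSL3, TLS10 = (3, 0), (3, 1)

def build_client_hello(version):
    """Build a minimal ClientHello record (constructed sample, not a capture)."""
    body = (bytes(version) + bytes(32) + b"\x00"   # client_version, random, empty session id
            + b"\x00\x02\x00\x2f" + b"\x01\x00")   # one CBC cipher suite, null compression
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + bytes(version) + struct.pack("!H", len(handshake)) + handshake

def client_hello_version(record):
    """Return the (major, minor) version a ClientHello offers, else None."""
    if len(record) < 11 or record[0] != 0x16 or record[5] != 0x01:
        return None                                 # not a handshake/ClientHello
    if len(record) < 5 + struct.unpack("!H", record[3:5])[0]:
        return None                                 # truncated record
    return (record[9], record[10])

def find_sslv3_hellos(events, window=10.0):
    """Flag SSLv3 ClientHellos; mark those that follow a TLS hello on the same flow.

    events: (timestamp, client, server, record_bytes) tuples.
    window: seconds within which a retry counts as a fallback (assumed value).
    """
    last_tls, alerts = {}, []
    for ts, client, server, record in sorted(events, key=lambda e: e[0]):
        version = client_hello_version(record)
        if version is None:
            continue
        if version >= TLS10:
            last_tls[(client, server)] = ts
        elif version == SSL3:
            prior = last_tls.get((client, server))
            fell_back = prior is not None and ts - prior <= window
            alerts.append((ts, client, server, "fallback" if fell_back else "sslv3-only"))
    return alerts

# Constructed sample: documentation addresses, LDAP over SSL on port 636 (assumed).
SAMPLE = [
    (0.0, "192.0.2.10", "192.0.2.50:636", build_client_hello(TLS10)),
    (0.4, "192.0.2.10", "192.0.2.50:636", build_client_hello(SSL3)),   # retry at SSLv3
    (5.0, "192.0.2.11", "192.0.2.50:636", build_client_hello(TLS10)),  # normal client
    (9.0, "192.0.2.12", "192.0.2.50:636", build_client_hello(SSL3)),   # SSLv3 from the start
    (9.5, "192.0.2.12", "192.0.2.50:636", b"\x17\x03\x00\x00\x00"),    # not a ClientHello
]

if __name__ == "__main__":
    for alert in find_sslv3_hellos(SAMPLE):
        print(alert)
```

A "fallback" alert means the client retried at SSLv3 shortly after offering TLS, while "sslv3-only" means no earlier TLS hello was seen for that flow.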