Guest

Preview Tool

Cisco Bug: CSCur27131 - Evaluation of CVE-2014-3566 on Cisco Email Security Appliance

Last Modified

Aug 21, 2017

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

7.6.3-027 8.0.1-023 8.0.1-113 8.5.6-074 8.5.6-092 9.0.0-344

Description (partial)

Symptom:
This product includes a version of SSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-3566

This bug has been opened to address the potential impact on this product.

Conditions:
Exposure is configuration dependent.

Related Community Discussions

BUG #<key>CSCur27131</key> - Evaluation of CVE-2014-3566 on Cisco Email Security Appliance
I have raised a support case with TAC to try and get more information on the preferred config as well as what Ciphers then become available. Points raised in the support case are as follows: Current config based from existing artilce pre-POODLE &gt; MEDIUM:HIGH:-SSLv2:-aNULL:@STRENGTH Should the new config be &gt; MEDIUM:HIGH:-SSLv2:-SSLv3:-aNULL:@STRENGTH Use of strength meaning that the Ciphers are ordered and presented strongest to weakest as negotiation should occur at the first mutually accepted cipher. ...
Latest activity: Jan 28, 2015
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.