Guest

Preview Tool

Cisco Bug: CSCur27999 - CSS : evaluation of SSLv3 POODLE vulnerability

Last Modified

Aug 04, 2017

Products (1)

  • Cisco CSS 11000 Series Content Services Switches

Known Affected Releases

8.20(6.1)

Description (partial)

Symptom:
This product includes a version of SSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-3566

This bug has been opened to address the potential impact on this product.

Conditions:
The CSS is vulnerable to this issue if it is configured for SSL Initiation, SSL Termination or SSL End-to-End and has a SSL card in the chassis.

The CSS is not vulnerable to this issue for management connections to the CSS management and local interfaces because SSLv3 is NOT enabled for those connections.

Related Community Discussions

LB 関連: 2014 年に公開された脆弱性のまとめ
    はじめに  このページでは、2014 年に公開された脆弱性のうち、Cisco 負荷分散装置(ACE10/20/30, ACE4710, CSS) に 関連するものについて紹介します。 1. Security Advisory に関するおさらい 2. CSS, ACE10/20, ACE4710 A3(x) について 3. ACE architecture のおさらい 4. 2014 年に公開された脆弱性一覧   1. Security Advisory に関するおさらい  Cisco では、 セキュリティ脆弱性ポリシーに基づき、重要なセキュリティ問題と考えられるものをセキュリティ アドバイザリ として公開しています。 英語版 http://www.cisco.com/go/psirt 日本語版 http://www.cisco.com/cisco/web/support/JP/loc/security/index.html   この情報は下記のような複数の方法で受信することができます。 Cisco.com http://www.cisco.com/security/ E-mail ...
Latest activity: Aug 30, 2017
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.