Guest

Preview Tool

Cisco Bug: CSCur78193 - Poodle SSL bug vulnerability

Last Modified

Feb 15, 2018

Products (1)

  • Cisco Broadband Access Center for Telco and Wireless

Known Affected Releases

5.0 5.1 5.2

Description (partial)

Symptom:
Forced downgrade of connections to SSL 3.0 even if both server and client sides of the connection
support higher protocols.

Conditions:
The problem comes when the secure connection is downgraded to use SSL 3.0 when higher level TLS communication failed by an attacker in the middle of a connection ie Whenever SSL handshake is negotiated with version 3.0. then the attacker may be able to force the browser to do exactly what it's designed to do. The problem is limited to SSLv3 only.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.