Cisco Bug: CSCur78193 - Poodle SSL bug vulnerability
Apr 18, 2016
- Cisco Broadband Access Center for Telco and Wireless
Known Affected Releases
5.0 5.1 5.2
Symptom: Forced downgrade of connections to SSL 3.0 even if both server and client sides of the connection support higher protocols. Conditions: The problem comes when the secure connection is downgraded to use SSL 3.0 when higher level TLS communication failed by an attacker in the middle of a connection ie Whenever SSL handshake is negotiated with version 3.0. then the attacker may be able to force the browser to do exactly what it's designed to do. The problem is limited to SSLv3 only.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases