Cisco Bug: CSCus94884 - AIM-SSL is vulnerable to Poodle-TLS CVE-2014-8730

Last Modified

Jan 27, 2017

Products (1)

  • Cisco IOS

Known Affected Releases


Description (partial)

Cisco IOS running on Cisco 1800/2800/3800 Series Routers with an AIM-VPN/SSL-2 card includes a version of TLS that is affected by the
vulnerabilities identified by the following Common Vulnerabilities and Exposures (CVE) IDs:


This vulnerability is hardware dependent.

Note: Cisco 1800/2800/3800 Series Routers and AIM-VPN/SSL-2 card are End of Life products.


Cisco IOS running on a 1800/2800/3800 Series Router is affected if the following conditions are met:
1- The device is configured with the AnyConnect or Clientless SSL VPN feature
2- The Cisco AIM-VPN/SSL-2 card is used as the hardware crypto accelerator

To verify whether SSL VPN is configured, use the "show webvpn gateway brief" command and verify that the gateway is up. The following example shows a
system with the SSL VPN gateway called TEST:

router#show webvpn gateway brief 

Gateway Name                       Admin  Operation
------------                       -----  ---------
TEST                               up     up  

To verify whether the AIM-VPN/SSL-2 crypto engine is enabled, use the "show crypto eli s" command and verify that the AIM-VPN/SSL-2 section is
The following example shows a system configured for onboard.

router#show crypto eli s
AIM-VPN/SSL-2                       Count       msec
Create DH                               4       24.0
Modular Exponentiation                 97        3.8
Create signature                        3       18.6
Verify signature                        2       12.0
Decrypt with private key                2        8.0
SSL Create                              2        4.0
SSL Delete                              1        0.0
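
The two checks above can be run over saved command output when auditing several routers. The following is an added example, not Cisco code: the sample outputs are constructed from the examples on this page, the function names are hypothetical, and it assumes that an AIM-VPN/SSL-2 section header in the "show crypto eli s" output is what indicates the card is in use.

```python
import re

# Constructed sample outputs, modelled on the two examples in this bug description.
GATEWAY_OUTPUT = """\
router#show webvpn gateway brief

Gateway Name                       Admin  Operation
------------                       -----  ---------
TEST                               up     up
"""

ELI_OUTPUT = """\
router#show crypto eli s
AIM-VPN/SSL-2                       Count       msec
Create DH                               4       24.0
SSL Create                              2        4.0
"""

def gateways_up(output):
    """Return the SSL VPN gateways listed as up.

    Assumption: a gateway counts as up only when both the Admin and
    Operation columns read 'up'.
    """
    names, in_table = [], False
    for line in output.splitlines():
        if re.match(r"^-+\s+-+\s+-+\s*$", line):  # dashed rule under the header
            in_table = True
            continue
        fields = line.split()
        if in_table and len(fields) == 3 and fields[1:] == ["up", "up"]:
            names.append(fields[0])
    return names

def aim_ssl_engine_present(output):
    """Assumption: a section header starting with AIM-VPN/SSL-2 means the card is in use."""
    return any(re.match(r"^\s*AIM-VPN/SSL-2\b", line) for line in output.splitlines())

def meets_conditions(gateway_output, eli_output):
    """True only when both conditions from the bug description hold."""
    return bool(gateways_up(gateway_output)) and aim_ssl_engine_present(eli_output)

if __name__ == "__main__":
    print("gateways up:", gateways_up(GATEWAY_OUTPUT))
    print("meets CSCus94884 conditions:", meets_conditions(GATEWAY_OUTPUT, ELI_OUTPUT))
```
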


For additional information about other affected Cisco IOS products, refer to Cisco bug ID CSCus17354.