Guest

Preview Tool

Cisco Bug: CSCuv33150 - Cisco ACE30/4710 TLS Poodle variant vulnerability

Last Modified

Feb 21, 2018

Products (1)

  • Cisco ACE 4700 Series Application Control Engine Appliances

Known Affected Releases

3.0(0)A5(3.0) 3.0(0)A5(3.1a) 3.0(0)A5(3.1b)

Description (partial)

Symptom:
On 14/7/15 a researcher published an article mentioning that ACE30 and 4710 could be vulnerable to a variant of Poodle TLS where only the first
byte of the padding is not check.
This is due to a issue in the Cavium SDK used in these products. While this has not been found practically exploitable, Cisco will incorporate
Cavium patch to harden the Cisco ACE.

The fix will be included in release 5.3.3 available in late August.
The public post is available at:
https://vivaldi.net/en-US/userblogs/entry/there-are-more-poodles-in-the-forest

Conditions:
none

Related Community Discussions

CSCus09311 - TLS Poodle vulnerability CVE-2014-8730 for ACE10/20 with update for ACE30
In respect to the ACE30, this &quot;POODLE TLS&quot; bug appears to be superseded by <key>CSCuv33150</key> Cisco ACE30/4710 TLS Poodle variant vulnerability <key>CSCuv33150</key>   Description Symptom: On 14/7/15 a researcher published an article mentioning that ACE30 and 4710 could be vulnerable to a variant of Poodle TLS where only the first byte of the padding is not check. This is due to a issue in the Cavium SDK used in these products. While this has not been found practically exploitable, Cisco will incorporate Cavium patch ...
Latest activity: Aug 08, 2015
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.