Cisco Bug: CSCuv33150 - Cisco ACE30/4710 TLS Poodle variant vulnerability

Last Modified

Jan 03, 2017

Product

Cisco ACE 4700 Series Application Control Engine Appliances

Known Affected Releases

3.0(0)A5(3.0) 3.0(0)A5(3.1a) 3.0(0)A5(3.1b)

Description (partial)

Symptom:
On 14/7/15 a researcher published an article mentioning that the ACE30 and 4710 could be vulnerable to a variant of Poodle TLS in which only the first
byte of the padding is not checked.
This is due to an issue in the Cavium SDK used in these products. While this has not been found to be practically exploitable, Cisco will incorporate
the Cavium patch to harden the Cisco ACE.

The fix will be included in release 5.3.3 available in late August.
The public post is available at:
https://vivaldi.net/en-US/userblogs/entry/there-are-more-poodles-in-the-forest

Conditions:
none
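
The padding check the symptom refers to, shown as an added illustration in C (not Cisco's or Cavium's code). It compares a strict TLS 1.0-1.2 CBC padding check with one that leaves the first padding byte unchecked. The names `tls_padding_ok`, `skip_first`, the 20-byte MAC length and the sample record are assumptions constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS 1.0-1.2 CBC padding check: the last byte is padding_length (L) and
 * each of the L bytes before it must also equal L.
 * skip_first = 1 models the flaw described above (hypothetical switch, for
 * comparison only): the first padding byte is left unchecked.
 * Returns 1 if the padding is accepted, 0 otherwise. */
static int tls_padding_ok(const uint8_t *rec, size_t len, size_t mac_len,
                          int skip_first)
{
    if (len < mac_len + 1)
        return 0;
    uint8_t pad_len = rec[len - 1];
    if ((size_t)pad_len + 1 + mac_len > len)
        return 0;                        /* padding would overlap the MAC */
    size_t first = len - 1 - pad_len;    /* index of the first padding byte */
    uint8_t diff = 0;
    /* Accumulate differences rather than returning early, so the loop's run
     * time does not depend on which padding byte is wrong. */
    for (size_t i = first + (skip_first ? 1 : 0); i < len - 1; i++)
        diff |= rec[i] ^ pad_len;
    return diff == 0;
}

/* Constructed sample: 25 bytes standing in for content + MAC, then 7 x 0x06. */
static void make_record(uint8_t rec[32])
{
    for (size_t i = 0; i < 25; i++) rec[i] = 0xAA;
    for (size_t i = 25; i < 32; i++) rec[i] = 0x06;
}

/* Returns 1 when the checker rejects a record whose first padding byte
 * has been altered, 0 when it accepts it. */
static int rejects_altered_first_byte(int skip_first)
{
    uint8_t rec[32];
    make_record(rec);
    rec[25] ^= 0xFF;
    return !tls_padding_ok(rec, sizeof rec, 20, skip_first);
}

int main(void)
{
    printf("strict check rejects altered first byte: %d\n", rejects_altered_first_byte(0));
    printf("flawed check rejects altered first byte: %d\n", rejects_altered_first_byte(1));
    return 0;
}
```

A regression test for a patched TLS stack can use the same idea: a record that differs from a valid one only in its first padding byte must be rejected.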