SecurityTracker.com
Category:   Device (Multimedia)  >   Cisco TelePresence
Vendors:   Cisco
Cisco TelePresence SSL 3.0 Protocol Downgrade Flaw Lets Remote Users Decrypt SSL Traffic
SecurityTracker Alert ID:  1031096
SecurityTracker URL:  http://securitytracker.com/id/1031096
CVE Reference:   CVE-2014-3566
Date:  Oct 21 2014
Impact:   Disclosure of system information, Disclosure of user information
Vendor Confirmed:  Yes
Exploit Included:  Yes

Description:   A vulnerability was reported in Cisco TelePresence. A remote user can decrypt SSL sessions in certain cases.

A remote user with the ability to conduct a man-in-the-middle attack can force a client to negotiate a downgrade to SSLv3 instead of a TLS v1.x protocol and then conduct a BEAST-style attack to decrypt portions of the session.

This protocol vulnerability is referred to as the POODLE ("Padding Oracle On Downgraded Legacy Encryption") vulnerability.

This is a flaw in the protocol rather than in the SSL implementation.

Cisco has assigned bug IDs CSCur33286 (for Cisco TelePresence Advanced Media Gateway 3610), CSCur33289 (for Cisco TelePresence IP Gateway Series), CSCur33294 (for Cisco TelePresence IP VCR Series), CSCur33282 (for Cisco TelePresence ISDN Gateway), CSCur33260 (for Cisco TelePresence MCU (8510, 8420, 4200, 4500 and 5300)), CSCur33267 (for Cisco TelePresence MSE 8050 Supervisor), CSCur33297 (for Cisco TelePresence Serial Gateway Series), CSCur33274 (for Cisco TelePresence Server 8710, 7010; for Cisco TelePresence Server on Multiparty Media 310, 324; and for Cisco TelePresence Server on Virtual Machine), CSCur23698 (for Cisco TelePresence Video Communication Server), and CSCur33284 (for Cisco TelePresence MPS Series) to this vulnerability.

The original advisory is available at:

https://www.openssl.org/~bodo/ssl-poodle.pdf

Bodo Moller, Thai Duong, and Krzysztof Kotowicz reported this vulnerability.

Impact:   A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL sessions.
Solution:   No solution was available at the time of this entry.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
Cause:   Access control error

Message History:   None.

