Vulnerability Characteristics

The SSLv3 protocol fallback vulnerability has been assigned the Common Vulnerabilities and Exposure (CVE) ID CVE-2014-3566. 

On October 14, 2014, a vulnerability in the Cipher-Block-Chaining (CBC) mode of the Secure Sockets Layer version 3 (SSLv3) protocol was publicly announced here: https://www.openssl.org/~bodo/ssl-poodle.pdf

SSL 3.0 (RFC-6101) is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0 (RFC-2246), TLS 1.1 (RFC-4346), and TLS 1.2 (RFC-5246), many TLS implementations remain backward compatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used. However, even if a client and server both support a version of TLS, the security level offered by SSL 3.0 is still relevant because many clients implement a protocol downgrade dance to work around serverĀside interoperability bugs.

Attackers can exploit the downgrade dance and break the cryptographic security of SSL 3.0. The POODLE attack will allow them, for example, to steal "secure" HTTP cookies (or other bearer tokens such as HTTP Authorization header contents).

Impact on Cisco Products

Successful exploitation of the vulnerability may cause subsets of the encrypted communication to be decrypted by the attacker.

The Cisco Product Security Incident Response Team (PSIRT) is currently investigating which Cisco products are affected by this vulnerability. Any updates specifically related to Cisco products will be communicated according to the Cisco Security Vulnerability Policy and will be published in the Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability.

The Cisco Computer Security Incident Response Team (CSIRT) is investigating Cisco public-facing infrastructure that could be susceptible to this vulnerability to facilitate its remediation.

Mitigation Summary

Cisco recommends customers disable SSLv3 on both the server side and the client side. The method and availability to do this will depend on each product. For example, in administration interfaces over HTTPS, it is likely easier to disable SSLv3 in client browsers than it is in the product itself.

Effective use of Cisco Next-Generation Intrusion Prevention System (NGIPS) event actions provides visibility into and protection against attacks that attempt to exploit this vulnerability. The Sourcefire Snort SIDs for this vulnerability are 32204 and 32205.

References

Researcher white paper: https://www.openssl.org/~bodo/ssl-poodle.pdf

Researcher blog: https://www.imperialviolet.org/2014/10/14/poodle.html

US-CERT Advisory TA14-290A: https://www.us-cert.gov/ncas/alerts/TA14-290A

This document is part of the Cisco Security portal. Cisco provides the official information contained on the Cisco Security portal in English only.

This document is provided on an “as is” basis and does not imply any kind of guarantee or warranty, including the warranties of merchantability or fitness for a particular use. Your use of the information in the document or materials linked from the document is at your own risk. Cisco reserves the right to change or update this document without notice at any time.

Back to Top