A vulnerability in certain implementations of the TLSv1 protocol could allow an unauthenticated, remote attacker to access sensitive information.

The vulnerability is due to improper block cipher padding implemented in TLSv1 when using Cipher Block Chaining (CBC) mode. An attacker could exploit the vulnerability to perform a "padding oracle" side-channel attack on the cryptographic message. A successful exploit could allow the attacker to access sensitive information.

Consult the bug release note for additional information about affected products and configurations. F5 Networks has confirmed the vulnerability in a security advisory and released software updates.

Attacks exploiting this vulnerability are identified as Padding Oracle On Downgraded Legacy Encryption (POODLE) attacks, which could be used to disclose HTTP cookies or other HTTP authorization content that is being transmitted over a TLSv1.x secure session. This issue should not be confused with CVE-2014-3566, as described in Cisco Alert 36084. Note that "oracle" does not refer to the software company of the same name, but to a term used in cryptography.

To exploit the vulnerability, the attacker may require access to a trusted, internal network to perform man-in-the-middle attacks on a targeted system. This access requirement limits the likelihood of a successful exploit.
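The following C sketch is an added example, not code from Cisco, F5, or any affected product. It contrasts a receiver that trusts only the final padding-length byte of a decrypted CBC record with one that verifies every padding byte, as the TLS 1.0 record layout in RFC 2246 defines them. It assumes the "improper padding" described in this advisory is of the unverified-padding-bytes kind; the function names and the sample record are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Lax check: trusts only the final length byte, so the padding bytes
 * in front of it can hold any value and the record is still accepted. */
int padding_ok_lax(const uint8_t *rec, size_t len, size_t mac_len)
{
    if (len == 0)
        return 0;
    return (size_t)rec[len - 1] + 1 + mac_len <= len;
}

/* Strict check: all pad+1 trailing bytes must equal pad (RFC 2246 layout).
 * Scans a fixed window with no early exit on the first bad byte. */
int padding_ok_strict(const uint8_t *rec, size_t len, size_t mac_len)
{
    if (len < mac_len + 1)
        return 0;
    uint8_t pad = rec[len - 1];
    size_t scan = len < 256 ? len : 256;   /* at most 255 padding bytes + length byte */
    unsigned bad = ((size_t)pad + 1 + mac_len) > len;
    for (size_t i = 0; i < scan; i++) {
        uint8_t mask = (uint8_t)(0u - (unsigned)(i <= pad)); /* 0xFF inside padding */
        bad |= (unsigned)(mask & (rec[len - 1 - i] ^ pad));
    }
    return bad == 0;
}

/* Constructed sample record: 25 filler bytes (5 data + 20-byte MAC
 * placeholder), then 7 bytes of padding (padding_length = 6). */
int check_sample(int tamper, int strict)
{
    uint8_t rec[32];
    memset(rec, 0xAA, 25);
    memset(rec + 25, 6, 7);
    if (tamper)
        rec[27] ^= 0x55;  /* corrupt one padding byte, keep the length byte */
    return strict ? padding_ok_strict(rec, sizeof rec, 20)
                  : padding_ok_lax(rec, sizeof rec, 20);
}

int main(void)
{
    printf("tampered padding: lax=%d strict=%d\n",
           check_sample(1, 0), check_sample(1, 1));
    return 0;
}
```

A receiver should still compute the MAC when the padding check fails and report both failures with the same alert, so that the padding result is not observable on its own.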
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Version | Description | Section | Status | Date |
4.0 | Cisco has released software and fix information for additional products affected by the SSL-TLS implementations Cipher Block Chaining padding information disclosure vulnerability. | NA | Final | 2015-May-29 |
3.0 | IBM has released a security bulletin and fixes to address the SSL-TLS implementations Cipher Block Chaining padding information disclosure vulnerability. | NA | Final | 2014-Dec-26 |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.