06-22-2015 01:40 PM - edited 03-15-2019 06:09 AM
We are running CUIC 9.0 in our environment. Latest security scan identified POODLE vulnerability on CUIC servers. Cisco bug report states that they will fix this issue in 11.0 release. Meanwhile I wanted to disable SSL v3.0.
Kindly let me know the procedure
Thanks in advance!
06-23-2015 09:06 AM
Hi,
As per the latest update from the development team, the fix is to remove the support of SSLv3 and also provide a configuration to disable the same for the customers. The fix is present in 10.6 release onwards but not in the current version of CUIC.
Regards
Deepak
06-23-2015 03:18 PM
Thanks for your response Deepak.
CUIC servers in our environment are picked for POODLE Vulnerability. Are you saying that there is no way to disable SSL V3.0 in CUIC (Linux) servers until Cisco comes up with the fix?. Is there any workaround to remediate the vulnerability temporarily. Please advise.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide