Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
954
Views
4
Helpful
1
Replies

[CVE-2014-3566] SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability

Robert Sherwin
Cisco Employee
Cisco Employee

‎10-15-2014 06:30 PM

Cisco is aware of the reported vulnerability and is currently investigating this report.  Cisco is evaluating products to determine their exposure to this vulnerability.

Cisco has issued an official PSIRT notice for the SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability

Please refer to the following information, as provided from our Product Security Incident Response Team (PSIRT):

SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability

Complete information about reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco is available on Cisco.com at:

http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html 

This web page includes instructions for press inquiries regarding Cisco Security Advisories. All Cisco Security Advisories are available at:

http://www.cisco.com/go/psirt

Cheers,
Robert Sherwin
Labels:
0 Helpful
1 Reply 1

Mathew Huynh
Cisco Employee
Cisco Employee

‎10-16-2014 07:38 PM

Quick-link to the PSIRT verified Email Security (ESA) vulnerability information as well as workaround:-


https://tools.cisco.com/bugsearch/bug/CSCur27131

Customers Also Viewed These Support Documents