Issue: POODLE attack on SSL v3
Discovery Time and Date: 10/15/14 02:05 PM
On October 14th, 2014, researchers published a paper on a padding oracle attack against CBC-mode ciphers in SSLv3. This vulnerability has been labeled CVE-2014-3566, also known as "POODLE" (Padding Oracle On Downgraded Legacy Encryption).
For full details and recommendations, please review the following article:
The most likely goal of an attack is to retrieve an encrypted session cookie in order to hijack a user's session. The attack involves man-in-the-middle (MITM) network access in conjunction with a certain amount of control over the user's browser to have it make repeated requests with content under the attacker's control, as well as heavy real-time computing power.
Windows Mobile/CE devices will not communicate with AWCM or Athena Tunnel Server without SSL.
Resolution & Recommendations
A new AirWatch Windows Mobile/CE Agent has been released that will allow Windows Mobile/CE devices to function properly where AWCM is used. After upgrading to the new agent, SSL can be safely disabled.
Environments with Athena Tunnel Server are not expected to be TLS compatible.
AirWatch supports industry recommendations on disabling SSLv3 and requiring TLS for encrypted communication.
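To confirm that SSLv3 is no longer being negotiated after the change, ServerHello records taken from a packet capture can be checked for protocol version 0x0300 together with a CBC cipher suite. The following is an added example, not AirWatch code; the function names, the short cipher suite table and the sample records are constructed for illustration.

```python
import struct

VERSIONS = {0x0300: "SSLv3", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
# Small subset of cipher suite IDs: (name, uses CBC mode). Extend as needed.
SUITES = {
    0x0005: ("TLS_RSA_WITH_RC4_128_SHA", False),
    0x000A: ("TLS_RSA_WITH_3DES_EDE_CBC_SHA", True),
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", True),
}

def parse_server_hello(record: bytes) -> dict:
    """Parse one record holding a ServerHello; report version, suite and exposure."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, _rec_version, rec_len = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rec_len]
    if ctype != 0x16 or len(body) != rec_len:
        raise ValueError("not a complete handshake record")
    if len(body) < 4 or body[0] != 0x02:
        raise ValueError("not a ServerHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 35:  # version(2) + random(32) + session_id length(1)
        raise ValueError("truncated ServerHello")
    version = int.from_bytes(hello[0:2], "big")
    off = 35 + hello[34]  # skip the variable-length session_id
    if len(hello) < off + 3:  # cipher_suite(2) + compression_method(1)
        raise ValueError("truncated ServerHello")
    suite = int.from_bytes(hello[off:off + 2], "big")
    name, is_cbc = SUITES.get(suite, (f"0x{suite:04X}", None))
    return {
        "version": VERSIONS.get(version, f"0x{version:04X}"),
        "suite": name,
        # Suites missing from the table are flagged conservatively under SSLv3.
        "cbc_under_sslv3": version == 0x0300 and is_cbc is not False,
    }

def build_server_hello(version: int, suite: int) -> bytes:
    """Build a minimal ServerHello record (constructed sample data, empty session_id)."""
    hello = version.to_bytes(2, "big") + bytes(32) + b"\x00" + suite.to_bytes(2, "big") + b"\x00"
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BHH", 0x16, version, len(handshake)) + handshake

if __name__ == "__main__":
    for ver, cs in [(0x0300, 0x002F), (0x0300, 0x0005), (0x0303, 0x002F)]:
        print(parse_server_hello(build_server_hello(ver, cs)))
```

Any ServerHello that still reports SSLv3 after the upgrade points to an endpoint where the protocol has not been disabled, whichever cipher suite was selected.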