POODLE attack on SSL v3

Issue: POODLE attack on SSL v3

Category:  Significant

Discovery Time and Date: 10/15/14 02:05 PM

Event Log:

 _______________________________________________________________________________________________________________________________

 

10/20/14 02:05PM

Overview

On October 14th, 2014, researchers published a paper on a padding oracle attack against CBC-mode ciphers in SSLv3. This vulnerability has been labeled, CVE-2014-3566 also known as "POODLE" (Padding Oracle On Downgraded Legacy Encryption).

 

For full details and recommendations, please review the following article:

http://blogs.vmware.com/security/2014/10/cve-2014-3566-aka-poodle.html 

Issue

The most likely goal of an attack is to retrieve an encrypted session cookie in order to hijack a user's session. The attack involves man-in-the-middle (MITM) network access in conjunction with a certain amount of control over the user's browser to have it make repeated requests with content under the attacker's control, as well as heavy real-time computing power. 

 

Impact

Windows Mobile/CE devices will not communicate with AWCM or Athena Tunnel Server without SSL.

 

Resolution & Recommendations

A new AirWatch Windows Mobile/CE Agent has been released that will allow Windows Mobile/CE devices to function properly where AWCM is used. After upgrading to the new agent, SSL can be safely disabled.

Environments with Athena Tunnel Server are not expected to be TLS compatible.

AirWatch supports industry recommendations on disabling SSLv3 and requiring TLS for encrypted communication. 

 

_______________________________________________________________________________________________________________________________

Have more questions? Submit a request

0 Comments

Article is closed for comments.