Cisco UC Vulnerable to POODLE Attacks

Another Day Another Vulnerability…Angry Poodle Goes GRRRR

It seems as though we can’t even make it one consecutive week now without another key protocol or system being breached and or exploited. I suppose this is the cost of having more and more people with access to systems. And generations being raised at the keyboard, mind you not complaining just a simple musing.

And this week is no different, Cisco has posted a PSIRT Notice for this weeks latest and greatest exploit.

Which might I add has an awesome name, POODLE. POODLE is short for “SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability” which I’m glad there’s a short version because that’s a mouthful.

What is POODLE?

In short POODLE is an exploit in the SSLv3 protocol when using the CBC cipher. Both of which mind you are only in place for backwards compatibility with older browsers. They have long been deprecated by Transport Layer Security (TLS). However because of people holding onto IE6 and Windows XP a large majority of sites and web UI based products still offer them leaving them ripe for the picking. A nice detailed explanation of the attack over at Ars Technica.

What’s affected by it?

Full list of course in the PSIRT notice as it pertains to UC, looks like the standard gambit.

  • UCM
  • CUPS
  • UCCX
  • VCS
  • Video Endpoints

How do I patch it?

Right now you don’t, Cisco has not yet released a patch for the vulnerability so keep an eye on the PSIRT notice for patched software. I’ll also be updating this post with links to the patches as they become available. Until then cheers to another week of vulnerabilities.

Permanent link to this article: https://tripplehelix.net/cisco-uc-vulnerable-poodle-attacks/

Leave a Reply