A vulnerability in the SSL negotiation of OpenSSL could allow an unauthenticated, remote attacker to negotiate SSLv2 ciphers that have been disabled on the server.
The vulnerability exists because a malicious client can negotiate SSLv2 ciphers that have been disabled on the server and complete an SSLv2 handshake, even when every SSLv2 cipher has been disabled. A successful exploit could allow the attacker to force weak SSLv2 ciphers for SSL/TLS connections, leaving them vulnerable to man-in-the-middle attacks.
A vulnerability in the generation of Diffie-Hellman (DH) parameters based on unsafe primes in OpenSSL could allow an unauthenticated, remote attacker to discover the private DH exponent of a TLS server.
The vulnerability is due to the ability to generate DH parameters based on unsafe primes; this was introduced in OpenSSL version 1.0.2, which added support for generating X9.42-style parameter files. An attacker could exploit this vulnerability by completing multiple handshakes in which the peer uses the same private DH exponent. A successful exploit could allow the attacker to discover the private DH exponent of a TLS server and conduct man-in-the-middle attacks on the SSL/TLS connection.
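The DH issue rests on two conditions named above: parameters built on a prime that is not a safe prime, and a server that reuses the same private exponent across handshakes. The following Python is an added example, not Cisco's or OpenSSL's code, showing how a defender can test both conditions on a DH group: it checks that p is a safe prime (p = 2q + 1 with q also prime), that the generator lies in the proper range, and derives a fresh private exponent for each handshake. The function names, the Miller-Rabin implementation and the small sample groups are constructed for this illustration only; real deployments use 2048-bit or larger groups.

```python
import random

_SYSRNG = random.SystemRandom()


def is_probable_prime(n, rounds=32, rng=_SYSRNG):
    """Miller-Rabin probabilistic primality test (constructed helper)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    # Write n - 1 = d * 2**r with d odd.
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # a is a witness that n is composite
    return True


def is_safe_prime(p):
    """p is a safe prime when both p and q = (p - 1) / 2 are prime."""
    return p > 5 and is_probable_prime(p) and is_probable_prime((p - 1) // 2)


def check_dh_params(p, g):
    """Return (accepted, reason) for a DH group (p, g).

    Only safe primes are accepted: in such a group every element other
    than 1 and p - 1 has order q or 2q, so there are no small subgroups
    for a peer to confine the server's public value into.
    """
    if not is_probable_prime(p):
        return False, "p is not prime"
    if not is_safe_prime(p):
        return False, "p is not a safe prime"
    if not 1 < g < p - 1:
        return False, "g outside 1 < g < p-1"
    q = (p - 1) // 2
    if pow(g, q, p) == 1:
        return True, "g generates the order-q subgroup"
    return True, "g generates the full order-2q group"


def fresh_dh_keypair(p, g, rng=_SYSRNG):
    """Draw a new private exponent for this handshake only.

    Reusing the exponent across handshakes is the condition the advisory
    describes; a fresh draw per connection removes it.
    """
    q = (p - 1) // 2
    x = rng.randrange(2, q)  # private exponent, discarded after use
    return x, pow(g, x, p)


if __name__ == "__main__":
    # Constructed sample groups: 23 and 47 are safe primes, 31 is prime
    # but (31 - 1) / 2 = 15 is not, 33 is composite.
    for p, g in ((23, 2), (23, 5), (31, 3), (33, 2)):
        print(p, g, check_dh_params(p, g))
    x1, y1 = fresh_dh_keypair(47, 2)
    x2, y2 = fresh_dh_keypair(47, 2)
    print("handshake 1 public value:", y1, "handshake 2 public value:", y2)
```

Parameters generated from non-safe primes in the way the advisory describes fail the `is_safe_prime` check; the other half of the mitigation is never reusing the private exponent, which in OpenSSL is controlled by the `SSL_OP_SINGLE_DH_USE` option.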
On January 28, 2016, the OpenSSL Project released a security advisory detailing two vulnerabilities.
Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks on an SSL/TLS connection.
This advisory will be updated as additional information becomes available.
Cisco will release software updates that address these vulnerabilities.
Workarounds that address these vulnerabilities are not available.
This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl