SSL 3.0 Protocol Vulnerability and POODLE Attack

Document ID : KB000029055
Last Modified Date : 14/02/2018

Systems Affected :

All systems and applications utilizing Secure Socket Layer (SSL) 3.0 with cipher-block chaining (CBC) mode ciphers may be vulnerable. The POODLE (Padding Oracle On Downgraded Legacy Encryption) attack demonstrates this vulnerability using web browsers and web servers, such as the ones serving WAC (Web Admin Console) and PM (Patch Management).

Overview

US-CERT is aware of a design vulnerability in the way SSL 3.0 handles block cipher mode padding. The POODLE attack demonstrates how an attacker can exploit this vulnerability to decrypt and extract information from inside an encrypted transaction.


Description

The SSL 3.0 vulnerability stems from the way SSL 3.0 pads and verifies blocks of data encrypted with CBC-mode block ciphers. The POODLE attack takes advantage of the protocol version negotiation feature built into SSL/TLS to force the use of SSL 3.0 and then leverages this vulnerability to decrypt selected content within the SSL session. The decryption proceeds byte by byte and generates a large number of connections between the client and server.
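The design flaw behind the padding oracle is the receiver's padding check. SSL 3.0 only requires the final byte of a decrypted record to be a valid padding length; the padding bytes themselves are never inspected, so a receiver cannot tell correct padding from garbage. TLS 1.0 and later require every padding byte to carry the padding length. The following Python is an added illustration, not part of this document or of the ITCM product; it models only the two padding rules on constructed records (the payload, the zeroed MAC placeholder and the block size are assumptions chosen for the example) and performs no decryption.

```python
"""SSL 3.0 versus TLS 1.x CBC padding checks on constructed records.

Added example: shows why an SSL 3.0 receiver accepts garbage padding
bytes as long as the length byte looks plausible, which is the oracle
the POODLE attack relies on.
"""

BLOCK_SIZE = 8  # block length of the DES/3DES CBC suites; AES suites use 16


def ssl3_padding_ok(plaintext: bytes, block_size: int = BLOCK_SIZE) -> bool:
    """SSL 3.0 rule: the last byte is the padding length and must be
    smaller than the block size. The padding bytes are not inspected."""
    if not plaintext:
        return False
    pad_len = plaintext[-1]
    return pad_len < block_size and pad_len + 1 <= len(plaintext)


def tls_padding_ok(plaintext: bytes) -> bool:
    """TLS 1.0+ rule: each of the pad_len padding bytes must equal pad_len."""
    if not plaintext:
        return False
    pad_len = plaintext[-1]
    if pad_len + 1 > len(plaintext):
        return False
    return all(b == pad_len for b in plaintext[-(pad_len + 1):-1])


def build_record(payload: bytes, mac: bytes, padding: bytes) -> bytes:
    """MAC-then-encrypt layout of a block-cipher record before encryption:
    payload || MAC || padding bytes || padding length byte."""
    return payload + mac + padding + bytes([len(padding)])


def count_accepted(check, block_size: int = BLOCK_SIZE) -> int:
    """Feed a check 256 records whose final block is entirely padding
    (block_size - 1 filler bytes plus the length byte) with the filler
    bytes set to each possible value. Returns how many records pass."""
    payload = b"GET /WAC/ HTTP/1.1\r\n"  # constructed 20-byte payload
    mac = bytes(20)  # placeholder for a 20-byte SHA-1 MAC; not verified here
    accepted = 0
    for fill in range(256):
        garbage = bytes([fill]) * (block_size - 1)
        record = build_record(payload, mac, garbage)  # 48 bytes, 6 blocks
        if check(record):
            accepted += 1
    return accepted


if __name__ == "__main__":
    print("SSL 3.0 check accepts", count_accepted(ssl3_padding_ok), "of 256")
    print("TLS 1.x check accepts", count_accepted(tls_padding_ok), "of 256")
```

Run stand-alone, the SSL 3.0 rule accepts all 256 garbage paddings while the TLS rule accepts exactly one (the filler that happens to equal the length byte). That asymmetry is what lets an attacker who can replay chosen ciphertext blocks learn plaintext bytes one at a time, and why the only effective mitigation is not to negotiate SSL 3.0 at all.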

The web components (WAC, AMS and PM) run under the same Tomcat instance. The primary entry point is IIS (on Windows) or the Apache web server (on Linux), which redirects requests to the Tomcat instance. To support HTTPS (HTTP over SSL), we recommend configuring IIS or the Apache web server with SSL or TLS. The ITCM installer does not configure the web server (IIS or Apache) for SSL/TLS; we recommend that customers do this themselves.

Impact

The POODLE attack can be used against any system or application that supports SSL 3.0 with CBC mode ciphers. This affects most current browsers and websites, but also includes any software that either references a vulnerable SSL/TLS library (e.g. OpenSSL) or implements the SSL/TLS protocol suite itself. By exploiting this vulnerability in a likely web-based scenario, an attacker can gain access to sensitive data passed within the encrypted web session, such as passwords, cookies and other authentication tokens that can then be used to gain more complete access to a website (impersonating that user, accessing database content, etc.).

Solution

There is currently no fix for the SSL 3.0 vulnerability itself, as the issue is fundamental to the protocol; disabling SSL 3.0 support in system and application configurations is the most viable solution currently available.


If HTTPS is used, the following recommendations avoid the POODLE vulnerability:

  1. Configure the web server with the latest version of TLS instead of SSL. Please refer to the OS and web server documentation/help for setting up TLS.
  2. The browser used to access the websites should have SSL disabled and the latest versions of TLS enabled. Please refer to the browser documentation/help for disabling SSL and enabling TLS.
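On the Linux side, recommendation 1 comes down to the mod_ssl `SSLProtocol` directive, which must no longer permit SSLv3. The following Python is an added helper, not part of this document or of the ITCM product; it evaluates `SSLProtocol` directives from flat configuration text with the `all`, `+name`, `-name` and bare-name semantics of mod_ssl, and reports whether SSLv3 is still negotiable. The sample configurations are constructed, and the helper does not model `<VirtualHost>` scoping or the version-dependent default that applies when the directive is absent.

```python
"""Audit Apache mod_ssl 'SSLProtocol' directives for SSLv3 (added example).

A weak directive such as 'SSLProtocol all' is shown beside the hardened
'SSLProtocol all -SSLv3 -SSLv2' and a TLS-only variant.
"""

# Protocol names mod_ssl understands; which ones a given build actually
# supports depends on the Apache/OpenSSL versions, so 'all' is treated
# conservatively as every name listed here.
KNOWN_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}
_CANONICAL = {p.lower(): p for p in KNOWN_PROTOCOLS}


def enabled_protocols(args):
    """Evaluate the arguments of one SSLProtocol directive left to right:
    'all' selects every protocol, '+name' and a bare name add one,
    '-name' removes one. Returns the set of protocols left enabled."""
    enabled = set()
    for tok in args:
        if tok[0] in "+-":
            sign, name = tok[0], tok[1:].lower()
        else:
            sign, name = "+", tok.lower()
        if name == "all":
            targets = set(KNOWN_PROTOCOLS)
        elif name in _CANONICAL:
            targets = {_CANONICAL[name]}
        else:
            raise ValueError(f"unknown SSLProtocol token: {tok}")
        if sign == "+":
            enabled |= targets
        else:
            enabled -= targets
    return enabled


def sslv3_enabled(config_text: str):
    """True if the last non-comment SSLProtocol directive leaves SSLv3 on,
    False if it is excluded, None if no directive is present (the mod_ssl
    default then applies, which this helper does not model)."""
    last_args = None
    for line in config_text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        parts = stripped.split()
        if parts[0].lower() == "sslprotocol":
            last_args = parts[1:]
    if last_args is None:
        return None
    return "SSLv3" in enabled_protocols(last_args)


# Constructed configuration fragments for the example.
WEAK_CONFIG = """SSLEngine on
# legacy setting: every protocol the build supports, SSLv3 included
SSLProtocol all
"""

HARDENED_CONFIG = """SSLEngine on
SSLProtocol all -SSLv3 -SSLv2
"""

TLS_ONLY_CONFIG = """SSLEngine on
SSLProtocol TLSv1.2 TLSv1.3
"""


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG),
                       ("tls-only", TLS_ONLY_CONFIG)):
        print(f"{label:9s} SSLv3 enabled: {sslv3_enabled(cfg)}")
```

Because mod_ssl applies the last matching directive in a scope, an audit of a real server should be run per `<VirtualHost>` block; the same check is worth repeating after an Apache upgrade, since a restored default configuration file can silently reintroduce a permissive directive.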