Initial Publication Date: 23 Dec 2014
Advisory Status: Closed
Advisory Severity: Medium
CVSS Base Score: CVSS v2: 4.3
Legacy ID: SA86
Some implementations of the TLS v1, 1.1, and 1.2 protocols have a padding-oracle cryptography flaw. A man-in-the-middle attacker can use this flaw to obtain plain text from an intercepted TLS session.
The following products are vulnerable:
Reporter 9.x prior to 9.5.1 is vulnerable. Reporter 10.1 is not vulnerable.
Reporter 9.5 - a fix is available in 9.5.1.
Reporter 9.4 - a fix will not be provided. Please upgrade to a later version with the vulnerability fixes.
Additional Product Information
The following products are not vulnerable:
Advanced Secure Gateway
Android Mobile Agent
Blue Coat HSM Agent for the Luna SP
Cloud Data Protection for Salesforce
Cloud Data Protection for Salesforce Analytics
Cloud Data Protection for ServiceNow
Cloud Data Protection for Oracle CRM On Demand
Cloud Data Protection for Oracle Field Service Cloud
Cloud Data Protection for Oracle Sales Cloud
Cloud Data Protection Integration Server
Cloud Data Protection Communication Server
Cloud Data Protection Policy Builder
Content Analysis System
General Auth Connector Login Application
IntelligenceCenter Data Collector
Mail Threat Defense
Malware Analysis Appliance
Malware Analyzer G2
Norman Shark Industrial Control System Protection
Norman Shark Network Protection
Norman Shark SCADA Protection
ProxyAV ConLog and ConLogXP
Blue Coat no longer provides vulnerability information for the following products:
Please contact Digital Guardian technical support regarding vulnerability information for DLP.
CVSS v2 base score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
The POODLE attack can be used against implementations of TLS v1.0, 1.1, and 1.2 that do not validate the CBC padding bytes when terminating connections just as it is used against SSL v3 implementations. This security advisory is specific to padding validation flaws in TLS 1.x implementations in Blue Coat products. See SA83 for further details on how the POODLE attack against SSL v3 implementations affects Blue Coat products.
Failure to validate the CBC padding bytes provides a way for an attacker to obtain clear text data from a TLS 1.x session. The attacker must be a man-in-the-middle that is able to inject chosen plain text into the session. Over time, the attacker will be able to use the flaw to obtain clear text data (e.g., a cookie) from the session in a manner similar to BEAST.
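The difference between trusting only the padding length byte and validating every padding byte, shown as an added example (it is not Blue Coat or OpenSSL code). The function names, the 16-byte block size and the sample record are constructed for illustration.

```python
import hmac

BLOCK = 16  # assumed cipher block size (AES)

def lax_padding_len(plaintext):
    """Flawed check: trusts the final length byte and ignores the padding bytes."""
    if not plaintext or plaintext[-1] + 1 > len(plaintext):
        return None
    return plaintext[-1]

def strict_padding_len(plaintext):
    """TLS 1.x check: the last pad_len + 1 bytes must all equal pad_len."""
    if not plaintext or plaintext[-1] + 1 > len(plaintext):
        return None
    pad_len = plaintext[-1]
    expected = bytes([pad_len]) * (pad_len + 1)
    # compare_digest does not stop at the first mismatching byte
    if not hmac.compare_digest(plaintext[-(pad_len + 1):], expected):
        return None
    return pad_len

def make_record(payload):
    """Constructed sample: pad a payload (data plus MAC stand-in) the TLS way."""
    pad_len = -(len(payload) + 1) % BLOCK
    return payload + bytes([pad_len]) * (pad_len + 1)

def demo():
    good = make_record(b"constructed-payload!")
    # Same record with one padding byte altered; the length byte is untouched.
    tampered = good[:-5] + b"\x00" + good[-4:]
    return {
        "lax_good": lax_padding_len(good),
        "lax_tampered": lax_padding_len(tampered),        # accepted: the flaw
        "strict_good": strict_padding_len(good),
        "strict_tampered": strict_padding_len(tampered),  # rejected
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

A complete record layer also has to handle a padding failure the same way as a MAC failure, so the peer cannot tell which check rejected the record.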
The version of OpenSSL in the Linux and ISO versions of Reporter can be updated to a later version of OpenSSL that includes a fix for this vulnerability. For assistance, please contact Blue Coat Technical Support.
Disable CBC mode cipher suites for all TLS v1.x sessions.
CVE-2014-8730 - the CVE for the first known affected products
The POODLE Bites Again - description of the vulnerability from Imperial Violet
2017-02-15 Vulnerability inquiries for DLP should be addressed to Digital Guardian technical support. SA status moved to Final.
2016-11-17 Cloud Data Protection for Oracle Field Service Cloud is not vulnerable.
2016-05-26 A fix for Reporter 9.x is available in 9.5.1. Reporter 10.1 is not vulnerable. IntelligenceCenter Data Collector is not vulnerable.
2016-05-11 No Cloud Data Protection products are vulnerable.
2016-04-26 Advanced Secure Gateway, Blue Coat HSM Agent for the Luna SP, General Auth Connector Login Application, K9, Mail Threat Defense, and PolicyCenter S-Series are not vulnerable. IntelligenceCenter Data Collector is under investigation.
2015-07-04 Title Update
2015-03-04 Client Connector is not vulnerable
2015-03-03 ProxyAV ConLog and ConLogXP are not vulnerable; Management Center is not vulnerable
2015-02-24 Reporter is vulnerable
2015-02-20 Norman Shark products are not vulnerable; BCAAA is not vulnerable; Auth Connector is not vulnerable
2015-01-30 ProxySG is not vulnerable
2015-01-21 MAA and MAG2 are not vulnerable, ProxyAV is not vulnerable
2015-01-13 IntelligenceCenter is not vulnerable
2014-12-23 Initial public release