NetSight Poodle Attack TLS cipher suites

Hi,

Our internal audit team found a few protocol warnings in the communication between our NetSight server and a few NAC-enabled switches (the firewall generated alarms).
I think that these warnings are generated when the identity management sends out information to NetSight via the xmlc-configuration.
The threat ID says that NetSight is using TLS 1.0 with CBC, which is vulnerable to the POODLE attack.

Now the question: Is there a way to influence which cipher suites are accepted for TLS connections, both in EXOS and on the NetSight server?
Are there maybe patches? EXOS is 16.1.3.6-patch6 on most devices.

Best Regards
Chacko

Posted 1 year ago


Jeremy, Embassador

Great find by your security team! I would love to know the answer to this and/or would like to see this patched!

Drew C., Community Manager

Hi Chacko,
Here's our Vulnerability Notice on the POODLE attack: https://extremeportal.force.com/ExtrArticleDetail?n=000008192
I'm seeing some conflicting information, but I believe this has been fixed and that there are options in some of the latest EXOS releases that will allow you to edit which ciphers are used. I'll send some emails internally to get more information.

-Drew