Email Gateway 7.x response to CVE-2014-3566 (POODLE SSLv3 vulnerability)
Technical Articles ID: KB83178
Last Modified: 2/24/2017

Environment

McAfee Email Gateway (MEG) 7.x

Summary

CVE-2014-3566 states that the SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, also known as the "POODLE" issue.

For more information on CVE-2014-3566, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566.

Solution

McAfee has reviewed this issue and concluded that it poses minimal risk to the customer when the MEG Appliance is configured and situated according to the installation guide and supported best practices, in conjunction with the platform hardening present on the Appliance:
  • Always site the appliance behind an enterprise firewall.
  • Configure Secure Shell, User Interface, and Remote Access to restrict the allowed connections.
  • If you have an out-of-band interface, enable it and disable in-band management.

The following patches update the OpenSSL package and the default Appliance configuration to address the SSL 3.0 protocol vulnerability CVE-2014-3566 (POODLE):

MEG 7.6
This issue was resolved in MEG 7.6.3 and is fixed in all later versions. MEG 7.6.3 reached End of Life on October 30, 2016. For best results, upgrade to a supported version. See KB85857.

Workaround

For an interim solution, see KB83165 for steps to manually disable SSLv3. 
