Cisco ACE30 and ACE4710 OpenSSL 'ChangeCipherSpec' MiTM Vulnerability
Medium Nessus Plugin ID 76127
SynopsisThe remote host is affected by a man-in-the-middle vulnerability.
DescriptionThe remote device is running a software version known to be affected by an OpenSSL related vulnerability. The flaw could allow a MiTM attacker to decrypt or forge SSL messages by telling the service to begin encrypted communications before key material has been exchanged, which causes predictable keys to be used to secure future traffic.
SolutionThere is currently no known solution.