Cisco Virtual Security Gateway OpenSSL Alternative Certificate Validation Bypass (cisco-sa-20150710-openssl)
Medium Nessus Plugin ID 85685
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe remote Cisco Virtual Security Gateway device is affected by a certificate validation bypass vulnerability in the bundled OpenSSL library due to a flaw in the X509_verify_cert() function in x509_vfy.c that is triggered when locating alternate certificate chains in cases where the first attempt to build such a chain fails. A remote attacker can exploit this, by using a valid leaf certificate as a certificate authority (CA), to issue invalid certificates that will bypass authentication.
SolutionUpgrade to the relevant fixed version referenced in Cisco bug ID CSCuv26137.