Cisco Prime Security Manager OpenSSL Alternative Chains Certificate Forgery (cisco-sa-20150710-openssl)
Medium Nessus Plugin ID 86105
SynopsisThe management application installed on the remote host is affected by a certificate authentication bypass vulnerability.
DescriptionAccording to its self-reported version number, the version of Cisco Prime Security Manager installed on the remote host has a bundled version of OpenSSL that is affected by a certificate validation bypass vulnerability. The vulnerability exists due to a flaw in the X509_verify_cert() function in x509_vfy.c that is triggered when locating alternate certificate chains when the first attempt to build such a chain fails. A remote attacker can exploit this, by using a valid leaf certificate as a certificate authority (CA), to issue invalid certificates that will bypass authentication.
SolutionUpgrade to Cisco Prime Security Manager 184.108.40.206 Build 11 or later.