
Chrome browser causes SSL enforcement violations

We are seeing issues where the Chrome browser on a PC is causing SSL enforcement to hit on our firewall. The attack is OpenSSL ChaCha20_Poly1305 Cipher Suites and the protection is asm_dynamic_prop_CVE_2016_7054. The same website works fine with an Internet Explorer browser. We do not want to keep creating exceptions to bypass this protection. Has anyone had this issue with these browsers? We have Gaia running 77.30 on our cluster of firewalls. The website we are testing with is www.microsoft.com. We also tested with www.wikipedia.org and had the same results.

6 Replies

Re: Chrome browser causes SSL enforcement violations

I have looked up the CVE ID and that vulnerability is back from 2016. It also shows on the list of vulnerabilities within the OpenSSL library which I believe Chrome uses. 

Vulnerabilities – Application Security – Google 

What version of the Chrome browser is triggering the events? Is it up to date?


Re: Chrome browser causes SSL enforcement violations

Chrome version 71.0.3578.98 and it says it is up to date. Can't quite figure out why it is triggering the protection or how to get around it.


Re: Chrome browser causes SSL enforcement violations

Thanks Eric. Is there any chance you could post a screenshot of the log message please?


Re: Chrome browser causes SSL enforcement violations

On the browser we just get a blank page. No errors. On Check Point we get the deny log for the OpenSSL vulnerability. I have two machines running the same version of Chrome. One works but the other causes the Check Point OpenSSL violation.


Re: Chrome browser causes SSL enforcement violations

Very interesting. Are there any add-ins for Chrome that may be doing something weird and that may use the OpenSSL library? If you run the browser in incognito mode, does it generate the event?

Admin

Re: Chrome browser causes SSL enforcement violations

I would open a TAC case so we can properly investigate this.
