Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Eric_Lindsey1
Explorer

Chrome browser causes ssl enforcment violations

We are seeing issues where the Chrome browser on a pc is causing SSL enforcement to hit on our firewall.  The attack is OpenSSL ChaCha20_Poly1305 Cipher Suites and the protection is asm_dynamic_prop_CVE_2016_7054.  The same website works fine with an Internet Explorer browser.  We do not want to keep creating exceptions to bypass this protection.  Has anyone had this issue with these browsers?  We have Gaia Running 77.30 on our cluster of firewalls.  The website we are testing with is www.microsoft.com.  We also tested with www.wikipedia.org and had the same results.

0 Kudos
6 Replies
Mark_Mitchell
Advisor

I have looked up the CVE ID and that vulnerability is back from 2016. It also shows on the list of vulnerabilities within the OpenSSL library which I believe Chrome uses. 

Vulnerabilities – Application Security – Google 

What version of the Chrome browser is triggering the events? Is it up to date?

0 Kudos
Eric_Lindsey1
Explorer

Chrome version 71.0.3578.98 and it says it is up to date.  Cant quite figure out why it is triggering the protection or how to get around it.

0 Kudos
Mark_Mitchell
Advisor

Thanks Eric. Is there any chance you could post a screenshot of the log message please?

0 Kudos
Eric_Lindsey1
Explorer

On the browser we just get a blank page. No errors. On Cjeckpoint we get the deny log for the open ssl vulnerability. I have two machines running the same version of chrome. One works but the other causes the checkpoint open ssl violation. 

0 Kudos
Mark_Mitchell
Advisor

Very interesting. Are there any add-ins for Chrome that may be doing something weird and that may use the openSSL library? If you run the browser incognito mode does it generate the event? 

0 Kudos
PhoneBoy
Admin
Admin

I would open a TAC case so we can properly investigate this.

0 Kudos