Cisco Bug: CSCuo13443 - CVE-2013-6450 OpenSSL Multiple Denial of Service Vulnerabilities
Jan 30, 2020
- Cisco Wide Area Application Services (WAAS) Appliances
Known Affected Releases
Symptoms: Cisco WAAS includes a version of OpenSSL (1.0.0a with patches) that some scanners may flag as affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE-2013-6450 , CVE-2013-6449 and CVE-2013-4353 Cisco has analyzed these vulnerabilities and concluded that the product is not impacted. Conditions: Not applicable WAAS is not vulnerable as it doesn'tt support the affected features - TLS 1.2, DTLS and Next Protocol Negotiation. The code fix applied via this bug was the patch of CVE-2013-6450, given that OpenSSL 1.0.0a has code support for DTLS but the path to this code is not reached via any configuration of the WAAS.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases