Cisco Bug: CSCuo22301 - Universal Small Cell 5000/7000 vulnerable to CVE-2014-0160 - Heartbleed
Dec 14, 2019
- Cisco Universal Small Cell 3000 Series
Known Affected Releases
V220.127.116.11 V18.104.22.168 V22.214.171.124
Symptom: The following products: Cisco Universal Small Cell 5000 Series Cisco Universal Small Cell 7000 Series include a version of openssl that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) ID CVE-2014-0160. This bug has been opened to address the potential impact on this product. Conditions: Device with default Cisco Solution configuration and running V3.4.x software, specifically: SCS1.0 with HNB SW V3.4.1.x SCS2.0 with HNB SW V126.96.36.199 - V188.8.131.52 SCS3.0 (pre-FCS) with HNB SW V184.108.40.206 - V220.127.116.11 Cisco partners running V3.4.x software without using TR069 over TLS are not vulnerable. Earlier software releases - V2.X and V3.1.X/V3.2.X / V3.3.X - are not vulnerable.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases