Guest

Preview Tool

Cisco Bug: CSCuo54045 - CMP on 6500 Sup2T may be vulnerable to published OpenSSH vulnerabilities

Last Modified

Jan 30, 2020

Products (1)

  • Cisco Catalyst 6000 Series Switches

Known Affected Releases

15.0(1)SY1

Description (partial)

Symptom:
The Cisco 6500 Connectivity Management Processor (CMP) on the Sup2T includes a version of OpenSSH that is affected by the vulnerabilities
identified by the following Common Vulnerability and Exposures (CVE) IDs: 

CVE-2007-4752, CVE-2008-1483, CVE-2008-5161

This bug was opened to address the potential impact on this product.

Conditions:
Device with default configuration.

Related Community Discussions

<key>CSCuo54045</key> - CMP on 6500 Sup2T may be vulnerable to published OpenSSH vulnerabilities
I'm looking to upgrade our CMP kernel on our Sup2T-10GE to mitigate this bug, but cannot locate the kernel file on the Cisco downloads and the CMP upgrade guides don't give a clear indication of where the upgrade code can be found. I know on the Nexus the CMP is wrapped up in the NX-OS installation packages. Is the same true of the 6500 CMP files?
Latest activity: Jun 14, 2016
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.