Cisco Bug: CSCup22534 - Multiple Vulnerabilities in OpenSSL - June 2014
Last Modified
Dec 13, 2019
Products (1)
- Cisco Identity Services Engine
Known Affected Releases
1.1(0.908) 1.2(0.899) 1.3(0.533) 1.3(101.300) 2.1(0.476) 2.2(0.245)
Description (partial)
Symptom: The following Cisco products Cisco Identity Services Engine (ISE) version 1.2.1.198 and earlier version 1.2.0.899 patch 10 and earlier version 1.1.4 all patch levels version 1.1.3 all patch levels version 1.1.2 all patch levels version 1.1.1 all patch levels version 1.0 all patch levels include a version of openssl that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs: CVE-2014-0224 - SSL/TLS MITM vulnerability This bug has been opened to address the potential impact on this product. Conditions: Deployments that use LDAP over SSL as an authentication source or use Syslog over TLS to send events from ISE to a remote syslog server are potentially vulnerable to CVE-2014-0224.
Related Community Discussions
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases