Guest

Preview Tool

Cisco Bug: CSCup22544 - Multiple Vulnerabilities in OpenSSL - June 2014

Last Modified

Jan 29, 2017

Products (1)

  • Cisco ACE 4700 Series Application Control Engine Appliances

Known Affected Releases

3.0(0)A5(3.0)

Description (partial)

Symptom:
The following Cisco products

Cisco ACE Application Control Engine Module (ACE30 only)
Cisco ACE Application Control Engine Appliance (ACE4710)

running software versions:-
   A3x:-A1(7.0) to A3(2.7) for 4710 only
   A4X :- A4(1.0) to A4(2.3) 
   A5X :- A5(1.0) to A5(3.0)

include a version of openssl that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-0224 - SSL/TLS MITM vulnerability

This bug has been opened to address the potential impact on this product.

Conditions:
Devices configured as SSL/TLS clients and making SSL/TLS connections with servers using OpenSSL 1.0.1 and 1.0.2-beta1 are affected
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.