Cisco Bug: CSCup22632 - Multiple Vulnerabilities in OpenSSL - June 2014
Dec 15, 2019
- Cisco TelePresence ISDN Gateway
- Cisco TelePresence ISDN GW 3241
- Cisco TelePresence ISDN GW MSE 8321
Known Affected Releases
2.0(1.35) 2.0(1.40) 2.0(1.49) 2.0(1.51) 2.1(1.22) 2.1(1.43) 2.1(1.49) 2.2(1.79) 2.2(1.92) 2.2(1.94)
Symptom: The following Cisco products Cisco TelePresence ISDN Gateway 3241 (runs software with P suffix) Cisco TelePresence ISDN Gateway MSE 8321 (runs software with P suffix) Tandberg Codian ISDN Gateway 3210/3215/3220 (also known as 3200 series) (runs software with N suffix; obsolete product) Tandberg Codian ISDN Gateway 8320 (runs software with N suffix; obsolete product). include a version of openssl that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs: CVE-2014-0224 - SSL/TLS MITM vulnerability CVE-2014-3470 - Anonymous ECDH denial of service This bug has been opened to address the potential impact on this product. Conditions: - HTTPS and/or SIP/TLS enabled and in use. - For CVE-2014-3470 to apply, certificate verification for outbound connections must not have been enabled.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases