Cisco Bug: CSCup22636 - Multiple Vulnerabilities in OpenSSL - June 2014
Dec 19, 2019
- Cisco TelePresence IP Gateway Series
- Cisco TelePresence IP GW 3520
- Cisco TelePresence IP GW 3540
- Cisco TelePresence IP GW 3510
- Cisco TelePresence IP GW MSE 8350
Known Affected Releases
Symptom: The following Cisco products Cisco TelePresence IP Gateway 3510 Cisco TelePresence IP Gateway 3520 Cisco TelePresence IP Gateway 3540 Cisco TelePresence IP Gateway MSE 8350 include a version of openssl that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs: CVE-2014-0224 - SSL/TLS MITM vulnerability CVE-2014-3470 - Anonymous ECDH denial of service This bug has been opened to address the potential impact on this product. Conditions: - HTTPS and/or SIP/TLS enabled and in use. - For CVE-2014-3470, SIP outgoing certificate verification has not been enabled.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases