Guest

Preview Tool

Cisco Bug: CSCup22654 - Multiple Vulnerabilities in OpenSSL - June 2014

Last Modified

Dec 13, 2019

Products (1)

  • Cisco Carrier Routing System

Known Affected Releases

5.3.4.BASE

Description (partial)

Symptom:
The following Cisco products

Cisco IOS XR

include a version of openssl that may be affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-0224 - SSL/TLS MITM vulnerability

This bug has been opened to address the potential impact on this product.

Conditions:
Default Configuration

Cisco IOS XR devices may act as a client or server utilizing both SSL and TLS depending on configuration.

Devices running IOS XR Versions: all releases from 4.3.1 through 5.2.0 are affected:

4.3.1
4.3.2
4.3.4
5.0.0
5.0.1
5.1.0
5.1.1
5.1.2
5.2.0
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.