Guest

Preview Tool

Cisco Bug: CSCup24002 - Multiple Vulnerabilities in OpenSSL - June 2014

Last Modified

Dec 14, 2019

Products (1)

  • Cisco NAC Appliance 3300 Series

Known Affected Releases

1.0(0) 2.0(0) 2.1(1)

Description (partial)

Symptom:
The following Cisco products

Cisco NAC Guest Server

include a version of openssl that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-0224 - SSL/TLS MITM vulnerability

This bug has been opened to address the potential impact on this product.

Conditions:
Cisco NAC Guest Server utilizing default configurations is affected.  NGS utilizes ssl for https communication.

NGS devices running software versions:

1.0
1.1
2.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.1.0

Fixed Software information:
No NGS versions having the fix.To address this vulnerability you have to install the patch CSCup24002.tar.gz( attached to this defect) on top of 2.1.0.

Also please note that this patch can be installed only on top of NGS 2.1.0
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.