Cisco Bug: CSCuq75488 - OpenSSL vulnerabilities found in CDN
Feb 10, 2017
- Cisco Content Delivery Engine Series
Known Affected Releases
Symptom: Below OpenSSL vulnerabilities issues are found in CDN. 1, Open SSL multiple remote sec vulnerabilities. QID 38602 CVE-2014-0224 , 0221, 0195, 0198, 0076 This exists on port 8089 when enabling splunk export function. 2, SSL/TLS compression algorithm leakage QID 38599 CVE-2012-4929 This exists on port 8089 when enabling splunk export function. This also exists on port 443. 3, SSL SSLv2 enabled vulnerability QID 38139 This exists on port 8089 when enabling splunk export function. Conditions: When enabling Splunk Export function, #1, #2, #3 vulnerabilities issues exist on port 8089. #2 issue always exist on port 443.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases