Guest

Preview Tool

Cisco Bug: CSCuq79267 - UCS Apache 2.2 Vulnerability CVE-2014-0118

Last Modified

Aug 09, 2017

Products (1)

  • Cisco Unified Computing System

Known Affected Releases

2.2(2c)A

Description (partial)

Symptom:
Cisco UCS includes a version of Apache that is affected by the vulnerability identified by the following Common Vulnerability and Exposures (CVE) ID:
CVE-2014-0118

Conditions:
Device with default configuration.

Related Community Discussions

<key>CSCuq79267</key> - UCS Apache 2.2 Vulnerability CVE-2014-0118
I too am seeing this same behavior. Nessus has found this, and 3 other, vulnerabilities with the Apache version provided by the UCS platform. Any fixes in the works? We are currently running firmware 2.2(3c). The release notes for 2.2(3d) and 2.2(3e) do not address CVE-2014-0118.   EDIT: 2.2(3f) also does not address these vulnerabilities. Does the UCS version of Apache use the modules that are found faulty according to Nessus? Nessus is also reporting the following CVEs related to this one: CVE-2013-6438, ...
Latest activity: Jul 08, 2015
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.