Cisco Bug: CSCur02195 - ACE evaluation for CVE-2014-6271 and CVE-2014-7169
Feb 17, 2017
- Cisco ACE 4700 Series Application Control Engine Appliances
Known Affected Releases
3.0(0)A5(3.0) 3.0(0)A5(3.1) 7.2(0.1)VB(0.1)
Symptom: The ACE 4710 and ACE30 include a version of bash that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs: CVE-2014-6271 CVE-2014-6277 CVE-2014-6278 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187 This bug has been opened to address the potential impact on this product. ACE30 module and ACE4710 appliance running A5(3.x) and prior have been tested and each found to have vulnerability to one attack vector. For the ACE30 module and ACE4710 appliance Cisco is providing a short term hot patch (DPLUG) now with a full correction a maintenance release at a later date. The DPLUGs are named ACE4710_A5x_bash_security_fix.bin and ACE30_A5x_bash_security_fix.bin and will work with any A5(x) release. Understand that attack works only by the vector of accessing the management interface on the ACE via ssh using a pre-existing valid login credential (with any level of access rights). Testing via VIP thru ssh/HTTP/HTTPs load balancing shows no vulnerability and since ACE does not execute any CGI scripting via VIP that vector also is not vulnerable. To address the vulnerability: 1.Upgrade to A5(x) release. 2. Download the "hot fix" DPLUG from CCO. The DPLUGs are named ACE4710_A5x_bash_security_fix.bin and ACE30_A5x_bash_security_fix.bin and will work with any A5(x) release. 3.Ensure the DPLUG is installed/ run after every ACE reboot. 4.Monitor software availability for future release of A5(3.x.x) maintenance release which will include full correction, removing need to run DPLUG hot fix. ] Conditions: Exposure is not configuration dependant but successful authentication is required to exploit this vulnerability remotely.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases