Preview Tool

Cisco Bug: CSCur05081 - Product evaluation for CVE-2014-6271 and CVE-2014-7169

Last Modified

Sep 10, 2019

Products (1)

  • Cisco Unified Computing System

Known Affected Releases

2.2(2c)A 3.0(1.36)B 4.0(200.2)

Description (partial)

All B-series servers include a version of Bash that may be affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:


Cisco has analyzed this vulnerability and concluded that while the previously listed products may run a vulnerable version of Bash, there are no exploitation vectors present for CIMC firmware versions 2.0.2 and later. For CIMC firmware versions 2.0.1 and earlier,  exploitation vectors exists.

For CIMC firmware versions 2.0.2 and later, exploitation vectors do not exist and therefore, there are no conditions.

For CIMC firmware versions 2.0.1 and earlier, the user must connect to CIMC's Serial-over-LAN (SOL) functionality by using an SSH client.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.