Cisco Bug: CSCus42709 - JANUARY 2015 OpenSSL Vulnerabilities
Last Modified
Jun 29, 2018
Products (1)
- Cisco ACE 4700 Series Application Control Engine Appliances
Known Affected Releases
3.0(0)A5(3.1)
Description (partial)
Symptom: This product includes a version of OpenSSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs: CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206 This bug has been opened to address the potential impact on this product. Conditions: Cisco ACE Application Control Engine Module (ACE30 only) and Cisco ACE Application Control Engine Appliance (ACE4710) Products act as: SSL/TLS Client, SSL/TLS Server VulnerabilityACE30/4710 product analysis Conclusion ---------------------------------------------------------------------------------------- CVE-2014-3571ACE does not use DTLS ACE not affected CVE-2015-0206ACE does not use DTLS/openssl 1.0.x ACE not affected CVE-2014-3569vulnerability exists AFFECTED CVE-2014-3572ACE does not use ECDHE ACE not affected CVE-2015-0204vulnerability exists AFFECTED CVE-2015-0205 ACE does not use openssl 1.0.x ACE not affected CVE-2014-8275vulnerability exists AFFECTED CVE-2014-3570 vulnerability exists AFFECTED
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases