Preview Tool

Cisco Bug: CSCus42709 - JANUARY 2015 OpenSSL Vulnerabilities

Last Modified

Jun 29, 2018

Products (1)

  • Cisco ACE 4700 Series Application Control Engine Appliances

Known Affected Releases


Description (partial)

This product includes a version of OpenSSL that is affected by the
vulnerability identified by the Common Vulnerability and Exposures (CVE)

CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275,
CVE-2015-0204, CVE-2015-0205, CVE-2015-0206

This bug has been opened to address the potential impact on this product.

Cisco ACE Application Control Engine Module (ACE30 only) and
 Cisco ACE Application Control Engine Appliance (ACE4710)
 Products act as: SSL/TLS Client, SSL/TLS Server
 VulnerabilityACE30/4710 product analysis            Conclusion
 CVE-2014-3571ACE does not use DTLS                      ACE not affected
 CVE-2015-0206ACE does not use DTLS/openssl 1.0.x        ACE not affected
 CVE-2014-3569vulnerability exists                       AFFECTED
 CVE-2014-3572ACE does not use ECDHE                     ACE not affected
 CVE-2015-0204vulnerability exists                       AFFECTED
 CVE-2015-0205 ACE does not use openssl 1.0.x            ACE not affected 
 CVE-2014-8275vulnerability exists                       AFFECTED
 CVE-2014-3570   vulnerability exists                    AFFECTED
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.