Guest

Preview Tool

Cisco Bug: CSCut45896 - Nexus 5k/6k - MARCH 2015 OpenSSL Vulnerabilities

Last Modified

Jan 28, 2017

Products (1)

  • Cisco Nexus 5000 Series Switches

Known Affected Releases

7.2(0)N1(0.1)

Description (partial)

Symptom:
This product includes a version of OpenSSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288

This bug has been opened to address the potential impact on this product.

Conditions:

If DFA configurations are used with 'enable-ssl'
Something like this

fabric database type network
  server protocol ldap ip 10.95.126.166 enable-ssl

Or

Onep is configured with "transport type tls ..." option

Or

vmtracker configuration
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.