Guest

Preview Tool

Cisco Bug: CSCvh60832 - Side Channel Analysis vulnerability - M3 C-series servers standalone

Last Modified

Aug 13, 2019

Products (1)

  • Cisco Unified Computing System

Known Affected Releases

2.2(1b)B 2.2(1b)C 3.1(1e)B 3.1(1e)C 3.2(1d)B 3.2(1d)C

Description (partial)

Symptom:
Cisco UCS C-Series M3 Ivy Bridge/ Sandy Bridge servers are based on Intel Skylake processors that are vulnerable to variants of exploits that use CPU speculative processing and data cache timing to efficiently leak information, collectively known as Spectre and Meltdown and identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2017-5715 - Branch Target Injection Side-Channel Information Disclosure Vulnerability (aka Spectre)
CVE-2017-5753 - Bounds Check Bypass Side-Channel Information Disclosure Vulnerability (aka Spectre)
CVE-2017-5754 - Rogue Data Cache Load Side-Channel Information Disclosure Vulnerability (aka Meltdown)

Conditions:
Cisco UCS C-Series M3 servers running any supported Operating System
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.