Guest

Preview Tool

Cisco Bug: CSCvh70333 - IND 1.4.0: Defensics TLS test suites cause 100% CPU on Windows

Last Modified

Aug 06, 2018

Products (1)

  • Network Level Service

Known Affected Releases

1.4(0.62)

Description (partial)

Symptoms:
Cisco Industrial Network Director includes a version of jetty that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2011-1473

This bug was opened to address the potential impact on this product.

Conditions:
The issue occurs during TLS negotiation when processing HTTP requests and could cause cause the system to consume available CPU resources, degrading system 
performance, and possibly rendering the system inaccessible.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.