Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows: CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerability CVE-2015-0292: OpenSSL Base64 Decoding Memory Corruption Vulnerability CVE-2015-0293: OpenSSL SSLv2 CLIENT-MASTER-KEY Denial of Service Vulnerability CVE-2015-0209: OpenSSL Elliptic Curve d2i_ECPrivateKey Denial of Service Vulnerability CVE-2015-0288: OpenSSL X.509 to PKCS#10 Denial of Service Vulnerability The following six vulnerabilities do not affect any Cisco products: CVE-2015-0291: OpenSSL ClientHello sigalgs Denial of Service Vulnerability CVE-2015-0290: OpenSSL Multiblock Denial of Service Vulnerability CVE-2015-0207: OpenSSL DTLSv1_listen SSL Object Corruption Denial of Service Vulnerability CVE-2015-0208: OpenSSL Invalid Probabilistic Signature Scheme Parameters Denial of Service Vulnerability CVE-2015-1787: OpenSSL Empty ClientKeyExchange Denial of Service Vulnerability CVE-2015-0285: OpenSSL Handshake with Unseeded PRNG Predictable Value Vulnerability This advisory will be updated as additional information becomes available. Cisco will release software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities may be available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150320-openssl
Product | Defect | Fixed releases availability |
---|---|---|
Collaboration and Social Media | ||
Cisco SocialMiner | CSCut46145 | 10.0 (18-Sept-2015) 10.5 (18-Sept-2015) 10.6 (18-Sept-2015) |
Cisco WebEx Meetings Server versions 1.x | CSCut45854 | CWMS 2.5MR4 (24-Apr-2015) |
Cisco WebEx Meetings Server versions 2.x | CSCut45854 | CWMS 2.5MR4 (24-Apr-2015) |
Cisco WebEx Node for MCS | CSCut45844 | T30 WebEx Cloud apps (30-May-2015) 3.12.3.7 (30-May-2015) |
Cisco WebEx Social | CSCut46214 | No further releases are planned. |
Endpoint Clients and Client Software | ||
Cisco Agent for OpenFlow | CSCut46072 | Affected systems have been updated |
Cisco AnyConnect Secure Mobility Client for Android | CSCut46503 | 4.0 (6-May-2015) |
Cisco AnyConnect Secure Mobility Client for Linux | CSCut46503 | 4.0 (6-May-2015) |
Cisco AnyConnect Secure Mobility Client for Windows | CSCut46503 | 4.0 (6-May-2015) |
Cisco AnyConnect Secure Mobility Client for iOS | CSCut46503 | 4.0 (6-May-2015) |
Cisco Jabber Guest 10.0(2) | CSCut46612 | |
Cisco Jabber Software Development Kit | CSCut46177 | 11.0 (26-Aug-2015) |
Cisco Jabber Video for iPad | CSCut46175 | No further releases are planned. |
Cisco Jabber Voice for iPhone | CSCut46207 | No additional releases are planned. |
Cisco Jabber for Android | CSCut46204 | 10.6.2 (24-April-2015) |
Cisco Jabber for Mac | CSCut46176 | 10.6(1) (10-Mar-2015) |
Cisco Jabber for Windows | CSCut68520 | 10.6(2) (Affected systems updated) 11.0 (Affected systems updated) |
Cisco Jabber for iOS | CSCut46608 | 11.0 (7-Apr-2015) |
Cisco WebEx Meetings Client - Hosted | CSCut45862 | T30 T29.9EP4 (12-May-2015) |
Cisco WebEx Meetings Client - On Premises | CSCut45852 | Orion 2.6. (30-May-2015) |
Cisco WebEx Meetings for Android | CSCut45846 | Android 7.5 |
Cisco WebEx Meetings for WP8 | CSCut45851 | Affected systems have been updated |
WebEx Meetings Server - SSL Gateway | CSCut45855 | 2.5MR4 (24-Apr-2015) |
WebEx Recording Playback Client | CSCut45861 | T30 (12-May-2015) T29.9EP4 (12-May-2015) |
Network Application, Service, and Acceleration | ||
Cisco ACE 30 Application Control Engine Module | CSCut46572 | 3.0 (17-Apr-2015) |
Cisco ACE 4710 Application Control Engine (A5) | CSCut46572 | 3.0 (17-Apr-2015) |
Cisco Application Control Engine (ACE10 and ACE20) | CSCut45874 | No further releases are planned |
Cisco Application and Content Networking System (ACNS) | CSCut46003 | 5.5.41 (30-July-2015) |
Cisco CSS 11500 Series Content Security Switch | CSCut45869 | No further releases are planned. |
Cisco InTracer | CSCuu83316 | |
Cisco Network Admission Control (NAC) | CSCut46004 | A patch file will be available for 4.9.3 4.9.4 and 4.9.5 (30-May-2015) |
Cisco Visual Quality Experience Server | CSCut45994 | 3.8.6 (March 2015) 3.9.5 (March 2015) 3.10.2 (24-Apr-2015) |
Cisco Visual Quality Experience Tools Server | CSCut45994 | 3.8.6 (March 2015) 3.9.5 (March 2015) 3.10.2 (24-Apr-2015) |
Cisco Wide Area Application Services (WAAS) | CSCut46458 | 5.5.3 (30-April-2015) 6.0.0 (30-April-2015) |
Network and Content Security Devices | ||
Cisco ASA CX Context-Aware Security | CSCut46028 | MR4 (Aug 2015) |
Cisco ASA Next-Generation Firewall Services | CSCut46031 | 1.1.3.x (31-Aug-2015) |
Cisco Adaptive Security Appliance (ASA) | CSCut46019 | 8.2.5.58 (April 2015) 8.3.2.45 (April 2015) 8.4.7.29 (April 2015) 8.5.1.25 (April 2015) 8.6.1.18 (April 2015) 8.7.1.17 (April 2015) 9.0.4.34 (April 2015) 9.1.6.2 (24-Apr-2015) 9.2.3.5 (April 2015) 9.3.3.1 (8-May-2015) 9.4.1.1 (8-May-2015) |
Cisco Content Security Appliance Updater Servers | CSCut45841 | |
Cisco Content Security Management Appliance (SMA) | CSCut45840 | 8.3.6 (TBD) |
Cisco Email Security Appliance (ESA) | CSCut45836 | 8.5.6 (20-Apr-2015) 8.5.7 (28-May-2015) 8.0.1 (20-Apr-2015) 9.1 (20-Apr-2015) 9.5 (TBD) |
Cisco FireSIGHT | CSCut45838 | Affected systems have been updated. |
Cisco IPS | CSCut46079 | Cisco IPS 7.1.11 - TBD Cisco IPS 7.3.4 - TBD |
Cisco Identity Services Engine (ISE) | CSCut46056 | 1.3.x (4-July-2015) |
Cisco IronPort Encryption Appliance (IEA) | CSCut45837 | No further releases are planned. |
Cisco NAC Guest Server | CSCut46011 | A patch file will be available for 4.9.3 4.9.4 and 4.9.5 (30-May-2015) |
Cisco NAC Server | CSCut46008 | A patch file will be available for 4.9.3 4.9.4 and 4.9.5 (30-May-2015) |
Cisco Physical Access Control Gateway | CSCut46478 | 1.5.3 (15-Apr-2015) |
Cisco Prime Security Manager (PRSM) | CSCut46035 | 9.3.3.1-13 (Aug-2015) |
Cisco Prime Security Manager | CSCut46029 | Fix will be released (Aug 2015) |
Cisco Registered Envelope Service (CRES) - ESA | CSCut45835 | 4.5 (19-Sept-2015) |
Cisco Secure Access Control System (ACS) | CSCut46073 | TBD |
Cisco Virtual Security Gateway for Microsoft Hyper-V | CSCut45899 | 1.0.1m (30-April-2015) |
Cisco Web Security Appliance (WSA) | CSCut45842 | 9.0.0-485 8.8.0-085 8.5.2-024 8.0.8-113 |
Network Management and Provisioning | ||
Cisco Cloupia Unified Infrastructure Controller | CSCut45878 | 5.4 (Sept. 2015) |
Cisco MATE Collector | CSCut46092 | 6.2.0 (July 2015) 6.1.2 (May 2015) |
Cisco MATE Design | CSCut46092 | 6.2.0 (July 2015) 6.1.2 (May 2015) |
Cisco MATE Live | CSCut46092 | 6.2.0 (July 2015) 6.1.2 (May 2015) |
Cisco Management Appliance (MAP) | CSCut46555 | Affected versions have been updated. |
Cisco Mobility Unified Reporting System (MUR) | CSCut45803 | No further releases are planned |
Cisco NetFlow Collection Agent | CSCut45937 | A patch will be available (15-May-2015) |
Cisco Network Analysis Module | CSCut45934 | NAM version 6.2 : (1-June-2015) |
Cisco Packet Tracer | CSCut45971 | Cisco Packet Tracer 7.0 (31-July-2015) |
Cisco Prime Access Registrar | CSCut45916 | 7.0 (10-May-2015) |
Cisco Prime Collaboration Assurance | CSCut45944 | 11.0 {29-June -2015) |
Cisco Prime Collaboration Deployment | CSCut46580 | PCD 11.0 : (14-Apr-2015) PCD 10.5.3: (14-April-2015) |
Cisco Prime Collaboration Provisioning | CSCut45942 | PCP 11.0 (22-June 22-2015) |
Cisco Prime Data Center Network Manager (DCNM) | CSCut45879 | 7.1.2 (30-Apr-2015) |
Cisco Prime IP Express | CSCut45926 | 2.2.2 - (April 2015) |
Cisco Prime Infrastructure Standalone Plug and Play Gateway | CSCut45935 | 2.2.0.11 (30-May-2015) |
Cisco Prime Infrastructure | CSCut45936 | 2.2.2 (May 2015) |
Cisco Prime LAN Management Solution (LMS - Solaris) | CSCut45912 | 4.002(30-Jun-2015) |
Cisco Prime License Manager | CSCut45972 | 11.0 (14-May-2015) |
Cisco Prime Network Registrar (CPNR) | CSCut45914 | 8.1.3.3 (April 2015) 8.2.3 (June 2015) 8.3.1 (July 2015) |
Cisco Prime Optical for SPs | CSCut45919 | 10.3 patch 1 (April 2015) 10.0 patch 1 (30-April-2015) 9.8 patch 5 (TBD) |
Cisco Prime Performance Manager | CSCut45907 | PPM 1.6.0 SP2 (30-May-2015) |
Cisco Quantum Policy Suite (QPS) | CSCut46093 | 7.5 (TBD) |
Cisco Security Manager | CSCut45947 | 4.7 (Available) 4.8 4.9 (Available) |
Cisco UCS Central | CSCut45902 | 1.4(1a) (Dec. 2015) |
Cisco Web Element Manager (WEM) | CSCut45800 | No further releases are planned |
Local Collector Appliance (LCA) | CSCut46114 | 2.2.9 (29-Apr-2015) |
Prime Collaboration Provisioning | CSCut46368 | PCP 10.6 (10- April-2015) PCP 11.0 (22-June-2015) |
Security Module for Cisco Network Registrar | CSCut45915 | 2.2.2 - (April 2015) |
Routing and Switching - Enterprise and Service Provider | ||
Cisco 910 Industrial Router | CSCut46085 | kunpeng 1.2 (24-Apr-2015) |
Cisco ASR 5000 Series | CSCuu83317 | V20 (31-Oct-2015) |
Cisco Application Policy Infrastructure Controller (APIC) | CSCut45880 | 1.0(3j) (30-APR-2015) |
Cisco Connected Grid Router - CGOS | CSCut46303 | CG4(4) (1-Apr- 2015) |
Cisco IOS Software and Cisco IOS XE Software | CSCut46130 | 15.5(01)S (TBD) |
Cisco IOS XE (WebUI feature only) | CSCut46126 | 16.1 (29-Apr-2015) |
Cisco IOS XR | CSCut45951 | |
Cisco MDS 9000 Series Multilayer Switches | CSCut45884 | 5.2 (June 2015) 6.2 (July 2015) |
Cisco Mobile Wireless Transport Manager | CSCut45945 | MWTM 6.1.7 (May-2015) |
Cisco Nexus 1000V InterCloud | CSCut45883 | Patch will be applied [May-2015] |
Cisco Nexus 1000V Series Switches (Hyper-V) | CSCut45888 | 5.2(1)SM3(1.1a) (1-Jun-2015) |
Cisco Nexus 1010 | CSCut45892 | 5.2(1)SP1(7.3) : (30-April-2015) |
Cisco Nexus 3000 Series Switches | CSCut45893 | |
Cisco Nexus 3500 Series Switches | CSCut45894 | |
Cisco Nexus 4000 Series Blade Switches | CSCut46081 | 4.1(2)E1(1o) (30-May-2015) |
Cisco Nexus 5000 Series Switches | CSCut45896 | 7.2 (May-2015) |
Cisco Nexus 6000 Series Switches | CSCut45896 | 7.2 (May-2015) |
Cisco Nexus 7000 Series Switches | CSCut45885 | |
Cisco Nexus 9000 (ACI/Fabric Switch) | CSCut45882 | 11.0(4) (1-May-2015) |
Cisco Nexus 9000 Series Switches | CSCut45886 | 7.0(3)I1(2) (30-Apr-2015) |
Cisco ONS 15454 Series Multiservice Provisioning Platforms | CSCut46048 | 10.51 (31-July-2015) |
Cisco OnePK All-in-One VM | CSCut46047 | No further releases are planned. |
Cisco Service Control Application for Broadband | CSCut46564 | 5.2.0 (September 2015) |
Cisco Service Control Collection Manager | CSCut46564 | 5.2.0 (September 2015) |
Cisco Service Control Engine 1010 | CSCut46564 | 5.2.0 (September 2015) |
Cisco Service Control Engine 2020 | CSCut46564 | 5.2.0 (September 2015) |
Cisco Service Control Engine 8000 | CSCut46564 | 5.2.0 (September 2015) |
Cisco Service Control Subscriber Manager | CSCut46564 | 5.2.0 (September 2015) |
Routing and Switching - Small Business | ||
Cisco RV180W Wireless-N Multifunction VPN Router | CSCut46489 | No additional releases are planned. |
Cisco Small Business ISA500 Series Integrated Security Appliances | CSCut46058 | No further releases are planned. |
Cisco Sx220 switches | CSCut46486 | No additional releases are planned. |
Cisco Sx300 switches | CSCut46496 | 1.4.1.x (1-Nov-2015) |
Cisco Sx500 switches | CSCut46497 | 1.4.1.x (1-Nov-2015) |
Cisco WAG310G Residential Gateway | CSCut45998 | No further releases are planned |
Unified Computing | ||
Cisco Network Configuration and Change Management Service | CSCut45808 | 1.5 (2-Apr-2015) |
Cisco UCS C-Series (Standalone Rack) Servers | CSCut45903 | Patch is scheduled for (22-May-2015) |
Cisco UCS Invicta Series Solid State Systems | CSCut45897 | |
Cisco Unified Computing System (Management software) | CSCut46044 | A patch will be available (30-Oct-2015) |
Cisco Unified Computing System B-Series (Blade) Servers | CSCut45900 | 2.2(4) (May 2015) |
Cisco Virtual Security Gateway | CSCut45898 | 5.2(1)VSG2(1.3) (30-Apr-2015) |
Voice and Unified Communications Devices | ||
Cisco 190 ATA Series Analog Terminal Adaptor | CSCut46142 | 1.2.0: (31-Dec-2015) |
Cisco 8800 Series IP Phones - VPN Feature | CSCut46632 | 10.4(1)(31-Oct-2015) |
Cisco ATA 187 Analog Telephone Adaptor | CSCut46188 | 9.2(4) (30-Dec-2015) |
Cisco Agent Desktop | CSCut45827 | 10.0(2) (2-Apr-2015) |
Cisco Computer Telephony Integration Object Server (CTIOS) | CSCut45829 | 11.0 (April 2015) |
Cisco DX Series IP Phones - Software VPN Feature | CSCut46198 | 10.2.4 (20-Apr-2015) |
Cisco Emergency Responder | CSCut46165 | 11.0 (June 2015) |
Cisco Finesse | CSCut46164 | Affected systems have been updated. |
Cisco Hosted Collaboration Mediation Fulfillment | CSCut46171 | 10.6.1 (13-Apr-2015) |
Cisco IM and Presence Service (CUPS) | CSCut46168 | 11.x (16-April-2015) |
Cisco IP Interoperability and Collaboration System (IPICS) | CSCut45987 | 5.5 Patch (24-Mar-2015) |
Cisco IP Phone 8800 Series | CSCut46199 | 10.4 (Oct 2015) |
Cisco MS200X Ethernet Access Switch | CSCut46498 | No further releases are planned. |
Cisco MediaSense | CSCut46193 | 11.0.1 (22-Apr-2015) |
Cisco MeetingPlace | CSCut46180 | 8.6MR1 (3-Apr-2015) |
Cisco Paging Server (Informacast) | CSCut46607 | 11.0.1 (June 2015) |
Cisco Paging Server | CSCut46607 | 11.0.1 (June 2015) |
Cisco Remote Silent Monitoring | CSCut46196 | 11.0 (June 2015) |
Cisco SPA112 2-Port Phone Adapter | CSCut46059 | 1.3.7: (31-Dec-2015) |
Cisco SPA122 ATA with Router | CSCut46059 | 1.3.7: (31-Dec-2015) |
Cisco SPA232D Multi-Line DECT ATA | CSCut46059 | 1.3.7: (31-Dec-2015) |
Cisco SPA30X Series IP Phones | CSCut46065 | 7.5.8 (31-Dec-2015) |
Cisco SPA50X Series IP Phones | CSCut46065 | 7.5.8 (31-Dec-2015) |
Cisco SPA51X Series IP Phones | CSCut46065 | 7.5.8 (31-Dec-2015) |
Cisco SPA525G | CSCut46063 | 7.5.8 (31-Dec-2015) |
Cisco Unified 6901 IP Phone | CSCut46182 | 9.3(2)SR3 (11-Nov-2015) |
Cisco Unified 6911 IP Phone | CSCut46190 | 9.3(1) SR3 (2-Feb-2016) |
Cisco Unified 6921 IP Phone | CSCut46191 | 9.4(2)SR2 (31-Dec- 2015) |
Cisco Unified 6945 IP Phone | CSCut46189 | 9.4(1)SR1 (12-Dec-2015) |
Cisco Unified 7800 Series IP Phones | CSCut46200 | 10.4(1) (31-Oct-2015) |
Cisco Unified 7962 IP Phone | CSCut46634 | 9.4(2) (Nov. 2015) |
Cisco Unified 8831 IP Conference Phone | CSCut46620 | 10.3(2) (Oct. 2015) |
Cisco Unified 8941 IP Phone | CSCut46621 | 9.4.2 SR2 (12-Dec-2015) |
Cisco Unified 8945 IP Phone | CSCut46183 | 9.4(2)SR2 (11-Nov-2015) |
Cisco Unified 8961 IP Phone | CSCut46169 | 9.4(2) (Nov. 2015) |
Cisco Unified Attendant Console Advanced | CSCut46139 | A patch is available for vulnerable releases. |
Cisco Unified Attendant Console Business Edition | CSCut46139 | A patch is available for vulnerable releases. |
Cisco Unified Attendant Console Department Edition | CSCut46139 | A patch is available for vulnerable releases. |
Cisco Unified Attendant Console Enterprise Edition | CSCut46139 | A patch is available for vulnerable releases. |
Cisco Unified Attendant Console Premium Edition | CSCut46139 | A patch is available for vulnerable releases. |
Cisco Unified Attendant Console Standard | CSCut46140 | A patch is available for vulnerable releases. |
Cisco Unified Communications Domain Manager | CSCut46209 | 8.1.6 (30-Jun-2015) |
Cisco Unified Communications Manager (UCM) | CSCut46146 | 10.5(2.12019.1) 10.5(2.12900.14) 10.5(2.12900.5) 10.5(2.22900.2) 11.0(0.98000.321) 11.0(0.98000.413) 11.0(1.10000.10) 9.1(2.14900.1) |
Cisco Unified Communications Manager Session Management Edition (SME) | CSCut46146 | 10.5(2.12019.1) 10.5(2.12900.14) 10.5(2.12900.5) 10.5(2.22900.2) 11.0(0.98000.321) 11.0(0.98000.413) 11.0(1.10000.10) 9.1(2.14900.1) |
Cisco Unified Communications for Microsoft Lync | CSCut46158 | 10.6.2 (21-Apr-2015) |
Cisco Unified Contact Center Enterprise | CSCut45829 | 11.0 (April 2015) |
Cisco Unified Contact Center Express | CSCus42785 | 11.0 (June 2015) |
Cisco Unified IP Conference Phone 8831 for Third-Party Call Control | CSCut46138 | 9.3(5) (31-Dec-2015) |
Cisco Unified IP Phone 7900 Series (VPN Feature) | CSCut46635 | 9.4(2) (Nov 2015) |
Cisco Unified IP Phone 7900 Series | CSCut46201 | 9.4(2)SR2 (25-Dec-2015) |
Cisco Unified Intelligence Center (CUIC) | CSCut45828 | 11.0(1) (30-June-2015) |
Cisco Unified Intelligent Contact Management Enterprise | CSCut45829 | 11.0 (April 2015) |
Cisco Unified Quick Connect | CSCut46162 | No further releases are planned. |
Cisco Unified Service Monitor | CSCut45925 | No future releases planned. |
Cisco Unified Service Statistics Manager | CSCut45922 | No further releases are planned. |
Cisco Unified Sip Proxy | CSCut45798 | 8.06 (19-Jun-2015) |
Cisco Unified Workforce Optimization Quality Management | CSCut46215 | 10.5 (TBD) |
Cisco Unified Workforce Optimization | CSCut46216 | WFM 10.5 SR 6(TBD) WFM 11.0 (TBD) |
Cisco Unity Connection | CSCut46151 | 11.x (9-Apr-2015) |
Cisco Virtualization Experience Media Engine | CSCut46211 | 11.0 (June 2015) |
Video, Streaming, TelePresence, and Transcoding Devices | ||
Cisco AnyRes Live (CAL) | CSCut46530 | 9.5.1 (01-May-2015) |
Cisco AnyRes VOD (CAL) | CSCut46528 | |
Cisco Cloud Object Store (COS) | CSCut45991 | 2.1.2: (Available) 3.0.0: (27-May-2015) |
Cisco D9036 Modular Encoding Platform | CSCut46103 | V02.03.xx(30-May- 2015) |
Cisco DCM Series 9900-Digital Content Manager | CSCut45904 | 16-10 (1-July-2015) |
Cisco Digital Media Manager (DMM) | CSCut45976 | 5.6.1 (July 2015) |
Cisco Digital Media Player 4310 | CSCut46084 | 5.4(1)RB(2P3) (24-April-2015) 5.3.6RB(2P3) (24-April-2015 |
Cisco Digital Media Players (DMP) 4300 Series | CSCut45957 | DMM 5.3.6 5.3.6(RB1) 5.4.0 5.4.1 5.4.1(RB1) 5.3.6(RB2) 5.4.1(RB2) (25-Apr-2015) |
Cisco Digital Media Players (DMP) 4400 Series | CSCut45957 | DMM 5.3.6 5.3.6(RB1) 5.4.0 5.4.1 5.4.1(RB1) 5.3.6(RB2) 5.4.1(RB2) (25-Apr-2015) |
Cisco Edge 300 Digital Media Player | CSCut46086 | 1.6RB2_P1 (24-Apr-2015) |
Cisco Edge 340 Digital Media Player | CSCut46083 | ce340-1.2-patch-0.6.tar.gz (24-Apr-2015) |
Cisco Enterprise Content Delivery System (ECDS) | CSCut45958 | 2.6.4 (3-April-2015) |
Cisco Explorer Controller | CSCut46095 | |
Cisco Expressway Series | CSCut45985 | X8.5.2 (25-Mar-2015) |
Cisco Jabber Video for TelePresence (Movi) | CSCut45966 | 4.8.11 (29-Apr-2015) |
Cisco Media Experience Engines (MXE) | CSCut45969 | MXE3500 v3.5 (28-May-2015) |
Cisco Media Services Interface | CSCut45952 | 4.1.2 (31-Jul-2015) |
Cisco Model D9485 DAVIC QPSK | CSCut46096 | 1.2.19 (30-Oct-2015) |
Cisco Show and Share (SnS) | CSCut45976 | 5.6.1 (July 2015) |
Cisco TelePresence 1310 | CSCut46136 | 6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015) |
Cisco TelePresence Advanced Media Gateway Series | CSCut45953 | 1.1 (24-Apr-2015) |
Cisco TelePresence Conductor | CSCut45954 | XC3.0.3 (May 2015) |
Cisco TelePresence Content Server (TCS) | CSCut45978 | 6.2.1 (30-Apr-2015) |
Cisco TelePresence EX Series | CSCut45977 | TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015) |
Cisco TelePresence IP Gateway Series | CSCut45960 | No further releases are planned (EOSM) |
Cisco TelePresence IP VCR Series | CSCut45961 | No further releases are planned (EOSWM) |
Cisco TelePresence ISDN GW 3241 | CSCut45962 | 7.4 8.0 8.1 (30-June-2015) |
Cisco TelePresence ISDN GW MSE 8321 | CSCut45962 | 7.4 8.0 8.1 (30-June-2015) |
Cisco TelePresence ISDN Link | CSCut45963 | 1.1.5 (May 2015) |
Cisco TelePresence MCU (8510, 8420, 4200, 4500 and 5300) | CSCut45965 | 4.5 (30-July-2015 ) |
Cisco TelePresence MPS Series | CSCut45967 | No further releases are planned (EOSWM) |
Cisco TelePresence MX Series | CSCut45977 | TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015) |
Cisco TelePresence MXP Software | CSCut45970 | Affected systems have been updated. |
Cisco TelePresence Multipoint Switch (CTMS) | CSCut45956 | No additional releases are planned |
Cisco TelePresence Profile Series | CSCut45977 | TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015) |
Cisco TelePresence Recording Server (CTRS) | CSCut45964 | No additional releases are planned. |
Cisco TelePresence SX Series | CSCut45977 | TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015) |
Cisco TelePresence Serial Gateway Series | CSCut45975 | 1.0MR5 (31-Oct-2015) |
Cisco TelePresence Server 8710, 7010 | CSCut45980 | 4.1MR2 (30-April-2015) |
Cisco TelePresence Server on Multiparty Media 310, 320 | CSCut45980 | 4.1MR2 (30-April-2015) |
Cisco TelePresence Server on Virtual Machine | CSCut45980 | 4.1MR2 (30-April-2015) |
Cisco TelePresence Supervisor MSE 8050 | CSCut45968 | 2.3MR3 (30-Sept-2015) |
Cisco TelePresence System 1000 | CSCut46136 | 6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015) |
Cisco TelePresence System 1100 | CSCut46136 | 6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015) |
Cisco TelePresence System 1300 | CSCut46136 | 6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015) |
Cisco TelePresence System 3000 Series | CSCut46136 | 6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015) |
Cisco TelePresence System 500-32 | CSCut46136 | 6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015) |
Cisco TelePresence System 500-37 | CSCut46136 | 6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015) |
Cisco TelePresence TE Software (for E20 - EoL) | CSCut45979 | A fix will be released (Aug 2015) |
Cisco TelePresence TX 9000 Series | CSCut46136 | 6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015) |
Cisco TelePresence Video Communication Server (VCS) | CSCut45985 | X8.5.2 (25-Mar-2015) |
Cisco TelePresence Integrator C Series | CSCut45977 | TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015) |
Cisco VDS Service Broker | CSCut46101 | 1.3 (28-Apr-2015) |
Cisco VEN401 Wireless Access Point Product | CSCut45988 | 1.24.32.78 (1-Sept-2015) |
Cisco VEN501 Wireless Access Point | CSCut45989 | 20.2.45.1 (12-Oct-2015) |
Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS) | CSCut45992 | 3.3.1 (30-Apr-2015) 4.0.0 (30-Apr-2015) 4.1.2 (30-Apr-2015) |
Cisco Video Surveillance 3000 Series IP Cameras | CSCut46482 | 2.7.0 (30-Jul-2015) |
Cisco Video Surveillance 4000 Series High-Definition IP Cameras | CSCut46480 | 2.4.6 (30-Jul-2015) |
Cisco Video Surveillance 4300E/4500E High-Definition IP Cameras | CSCut46481 | 3.2.7 (30-Jul-2015) |
Cisco Video Surveillance 6000 Series IP Cameras | CSCut46482 | 2.7.0 (30-Jul-2015) |
Cisco Video Surveillance 7000 Series IP Cameras | CSCut46482 | 2.7.0 (30-Jul-2015) |
Cisco Video Surveillance Media Server | CSCut46054 | VSM 7.7.0 (30-Sept-2015 |
Cisco Video Surveillance PTZ IP Cameras | CSCut46482 | 2.7.0 (30-Jul-2015) |
Cisco Videoscape Control Suite | CSCut45990 | 004.001 (6-May-2015) |
Cisco Videoscape Voyager Vantage | CSCut46111 | Patch is scheduled (30-May-2015) |
Tandberg Codian ISDN GW 3210/3220/3240 | CSCut45962 | 7.4 8.0 8.1 (30-June-2015) |
Tandberg Codian MSE 8320 model | CSCut45962 | 7.4 8.0 8.1 (30-June-2015) |
Wireless | ||
Cisco 3300 Series Mobility Services Engine (MSE) | CSCut45933 | 8.0.120.0 (30- May-2015) |
Cisco Wireless LAN Controller (WLC) | CSCut45950 | 8.1/8.0.120.0 (June 2015) |
Cisco Wireless Location Appliance (WLA) | CSCut45932 | 8.0.120.0 (30-May-2015) |
Cisco Hosted Services | ||
Cisco Intelligent Automation for Cloud | CSCut45986 | 4.3 (Aug. 2015) |
Cisco Master Content Rating Database Server (MCRDBS) | CSCut45799 | No further releases are planned. |
Cisco One Portal | CSCut45821 | 1.41 (11-July-2015) |
Cisco Registered Envelope Service (CRES) | CSCut45834 | 4.4 (30-May-2015) |
Cisco Services Provisioning Platform (SPP) | CSCut46655 | Affected systems have been patched. |
Cisco Smart Call Home | CSCut46001 | 4.001 (6-May-2015) |
Cisco UCS Invicta Series Autosupport Portal | CSCut45873 | Patch is scheduled for (15-Apr-2015) |
Cisco Universal Small Cell CloudBase | CSCut46518 | TBD |
Cisco WebEx Meetings (Meeting Center, Training Center, Event Center, Support Center) | CSCut45866 | 7.0(3)I1(2) (30-April-2015) |
Cisco WebEx Messenger Service | CSCut45857 | 7.9.3 EP1 (21-Mar-2015) |
Network Health Framework (NHF) | CSCut46117 | TBD |
Network Performance Analytics (NPA) | CSCut46119 | |
Partner Supporting Service (PSS) 1.x | CSCut46027 | pss2.6 (30-May-2015) |
Small Cell factory recovery root filesystem V2.99.4 or later | CSCut46088 | Affected versions have been updated |
Unified Communication Audit Tool (UCAT) | CSCut45911 | 10.6 (15-May-2015) |
WebEx Meeting Center | CSCut45867 | WebEx11 1.3SP15 (30-April-2015) |
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Version | Description | Section | Status | Date |
---|---|---|---|---|
1.15 | Backend Database changes to support Cisco IOS Software Checker. | N/A | Final | 2016-January-11 |
1.14 | Updated information about the first fixed release for WSA. | Affected Products - Vulnerable Products | Final | 2016-January-04 |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.