Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products

Summary

• Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or corrupt portions of OpenSSL process memory. On March 19, 2015, the OpenSSL Project released a security advisory detailing 13 distinct vulnerabilities. The following seven are actively under investigation and the vulnerabilities are referenced in this document as follows:
  
  

  • CVE-2015-0286: OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability
  • CVE-2015-0287: OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability
  • CVE-2015-0289: OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerability
  • CVE-2015-0292: OpenSSL Base64 Decoding Memory Corruption Vulnerability
  • CVE-2015-0293: OpenSSL SSLv2 CLIENT-MASTER-KEY Denial of Service Vulnerability
  • CVE-2015-0209: OpenSSL Elliptic Curve d2i_ECPrivateKey Denial of Service Vulnerability
  • CVE-2015-0288: OpenSSL X.509 to PKCS#10 Denial of Service Vulnerability

  
  The following six vulnerabilities do not affect any Cisco products:
  

  • CVE-2015-0291: OpenSSL ClientHello sigalgs Denial of Service Vulnerability
  • CVE-2015-0290: OpenSSL Multiblock Denial of Service Vulnerability
  • CVE-2015-0207: OpenSSL DTLSv1_listen SSL Object Corruption Denial of Service Vulnerability
  • CVE-2015-0208: OpenSSL Invalid Probabilistic Signature Scheme Parameters Denial of Service Vulnerability
  • CVE-2015-1787: OpenSSL Empty ClientKeyExchange Denial of Service Vulnerability
  • CVE-2015-0285: OpenSSL Handshake with Unseeded PRNG Predictable Value Vulnerability

  
  This advisory will be updated as additional information becomes available.
  
  Cisco will release software updates that address these vulnerabilities.
  
  Workarounds that mitigate these vulnerabilities may be available.
  
  This advisory is available at the following link:
  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150320-openssl

Affected Products

• Cisco is currently investigating its product line to determine which products may be affected by these vulnerabilities and the impact on each affected product. As the investigation progresses, this document will be updated to include the Cisco bug IDs for each affected product. The bugs will be accessible through the Cisco Bug Search Tool and will contain additional platform-specific information, including workarounds (if available) and fixed software versions.
  
  

  Vulnerable Products

  Product	Defect	Fixed releases availability
  Collaboration and Social Media
  Cisco SocialMiner	CSCut46145	10.0 (18-Sept-2015) 10.5 (18-Sept-2015) 10.6 (18-Sept-2015)
  Cisco WebEx Meetings Server versions 1.x	CSCut45854	CWMS 2.5MR4 (24-Apr-2015)
  Cisco WebEx Meetings Server versions 2.x	CSCut45854	CWMS 2.5MR4 (24-Apr-2015)
  Cisco WebEx Node for MCS	CSCut45844	T30 WebEx Cloud apps (30-May-2015) 3.12.3.7 (30-May-2015)
  Cisco WebEx Social	CSCut46214	No further releases are planned.
  Endpoint Clients and Client Software
  Cisco Agent for OpenFlow	CSCut46072	Affected systems have been updated
  Cisco AnyConnect Secure Mobility Client for Android	CSCut46503	4.0 (6-May-2015)
  Cisco AnyConnect Secure Mobility Client for Linux	CSCut46503	4.0 (6-May-2015)
  Cisco AnyConnect Secure Mobility Client for Windows	CSCut46503	4.0 (6-May-2015)
  Cisco AnyConnect Secure Mobility Client for iOS	CSCut46503	4.0 (6-May-2015)
  Cisco Jabber Guest 10.0(2)	CSCut46612
  Cisco Jabber Software Development Kit	CSCut46177	11.0 (26-Aug-2015)
  Cisco Jabber Video for iPad	CSCut46175	No further releases are planned.
  Cisco Jabber Voice for iPhone	CSCut46207	No additional releases are planned.
  Cisco Jabber for Android	CSCut46204	10.6.2 (24-April-2015)
  Cisco Jabber for Mac	CSCut46176	10.6(1) (10-Mar-2015)
  Cisco Jabber for Windows	CSCut68520	10.6(2) (Affected systems updated) 11.0 (Affected systems updated)
  Cisco Jabber for iOS	CSCut46608	11.0 (7-Apr-2015)
  Cisco WebEx Meetings Client - Hosted	CSCut45862	T30 T29.9EP4 (12-May-2015)
  Cisco WebEx Meetings Client - On Premises	CSCut45852	Orion 2.6. (30-May-2015)
  Cisco WebEx Meetings for Android	CSCut45846	Android 7.5
  Cisco WebEx Meetings for WP8	CSCut45851	Affected systems have been updated
  WebEx Meetings Server - SSL Gateway	CSCut45855	2.5MR4 (24-Apr-2015)
  WebEx Recording Playback Client	CSCut45861	T30 (12-May-2015) T29.9EP4 (12-May-2015)
  Network Application, Service, and Acceleration
  Cisco ACE 30 Application Control Engine Module	CSCut46572	3.0 (17-Apr-2015)
  Cisco ACE 4710 Application Control Engine (A5)	CSCut46572	3.0 (17-Apr-2015)
  Cisco Application Control Engine (ACE10 and ACE20)	CSCut45874	No further releases are planned
  Cisco Application and Content Networking System (ACNS)	CSCut46003	5.5.41 (30-July-2015)
  Cisco CSS 11500 Series Content Security Switch	CSCut45869	No further releases are planned.
  Cisco InTracer	CSCuu83316
  Cisco Network Admission Control (NAC)	CSCut46004	A patch file will be available for 4.9.3 4.9.4 and 4.9.5 (30-May-2015)
  Cisco Visual Quality Experience Server	CSCut45994	3.8.6 (March 2015) 3.9.5 (March 2015) 3.10.2 (24-Apr-2015)
  Cisco Visual Quality Experience Tools Server	CSCut45994	3.8.6 (March 2015) 3.9.5 (March 2015) 3.10.2 (24-Apr-2015)
  Cisco Wide Area Application Services (WAAS)	CSCut46458	5.5.3 (30-April-2015) 6.0.0 (30-April-2015)
  Network and Content Security Devices
  Cisco ASA CX Context-Aware Security	CSCut46028	MR4 (Aug 2015)
  Cisco ASA Next-Generation Firewall Services	CSCut46031	1.1.3.x (31-Aug-2015)
  Cisco Adaptive Security Appliance (ASA)	CSCut46019	8.2.5.58 (April 2015) 8.3.2.45 (April 2015) 8.4.7.29 (April 2015) 8.5.1.25 (April 2015) 8.6.1.18 (April 2015) 8.7.1.17 (April 2015) 9.0.4.34 (April 2015) 9.1.6.2 (24-Apr-2015) 9.2.3.5 (April 2015) 9.3.3.1 (8-May-2015) 9.4.1.1 (8-May-2015)
  Cisco Content Security Appliance Updater Servers	CSCut45841
  Cisco Content Security Management Appliance (SMA)	CSCut45840	8.3.6 (TBD)
  Cisco Email Security Appliance (ESA)	CSCut45836	8.5.6 (20-Apr-2015) 8.5.7 (28-May-2015) 8.0.1 (20-Apr-2015) 9.1 (20-Apr-2015) 9.5 (TBD)
  Cisco FireSIGHT	CSCut45838	Affected systems have been updated.
  Cisco IPS	CSCut46079	Cisco IPS 7.1.11 - TBD Cisco IPS 7.3.4 - TBD
  Cisco Identity Services Engine (ISE)	CSCut46056	1.3.x (4-July-2015)
  Cisco IronPort Encryption Appliance (IEA)	CSCut45837	No further releases are planned.
  Cisco NAC Guest Server	CSCut46011	A patch file will be available for 4.9.3 4.9.4 and 4.9.5 (30-May-2015)
  Cisco NAC Server	CSCut46008	A patch file will be available for 4.9.3 4.9.4 and 4.9.5 (30-May-2015)
  Cisco Physical Access Control Gateway	CSCut46478	1.5.3 (15-Apr-2015)
  Cisco Prime Security Manager (PRSM)	CSCut46035	9.3.3.1-13 (Aug-2015)
  Cisco Prime Security Manager	CSCut46029	Fix will be released (Aug 2015)
  Cisco Registered Envelope Service (CRES) - ESA	CSCut45835	4.5 (19-Sept-2015)
  Cisco Secure Access Control System (ACS)	CSCut46073	TBD
  Cisco Virtual Security Gateway for Microsoft Hyper-V	CSCut45899	1.0.1m (30-April-2015)
  Cisco Web Security Appliance (WSA)	CSCut45842	9.0.0-485 8.8.0-085 8.5.2-024 8.0.8-113
  Network Management and Provisioning
  Cisco Cloupia Unified Infrastructure Controller	CSCut45878	5.4 (Sept. 2015)
  Cisco MATE Collector	CSCut46092	6.2.0 (July 2015) 6.1.2 (May 2015)
  Cisco MATE Design	CSCut46092	6.2.0 (July 2015) 6.1.2 (May 2015)
  Cisco MATE Live	CSCut46092	6.2.0 (July 2015) 6.1.2 (May 2015)
  Cisco Management Appliance (MAP)	CSCut46555	Affected versions have been updated.
  Cisco Mobility Unified Reporting System (MUR)	CSCut45803	No further releases are planned
  Cisco NetFlow Collection Agent	CSCut45937	A patch will be available (15-May-2015)
  Cisco Network Analysis Module	CSCut45934	NAM version 6.2 : (1-June-2015)
  Cisco Packet Tracer	CSCut45971	Cisco Packet Tracer 7.0 (31-July-2015)
  Cisco Prime Access Registrar	CSCut45916	7.0 (10-May-2015)
  Cisco Prime Collaboration Assurance	CSCut45944	11.0 {29-June -2015)
  Cisco Prime Collaboration Deployment	CSCut46580	PCD 11.0 : (14-Apr-2015) PCD 10.5.3: (14-April-2015)
  Cisco Prime Collaboration Provisioning	CSCut45942	PCP 11.0 (22-June 22-2015)
  Cisco Prime Data Center Network Manager (DCNM)	CSCut45879	7.1.2 (30-Apr-2015)
  Cisco Prime IP Express	CSCut45926	2.2.2 - (April 2015)
  Cisco Prime Infrastructure Standalone Plug and Play Gateway	CSCut45935	2.2.0.11 (30-May-2015)
  Cisco Prime Infrastructure	CSCut45936	2.2.2 (May 2015)
  Cisco Prime LAN Management Solution (LMS - Solaris)	CSCut45912	4.002(30-Jun-2015)
  Cisco Prime License Manager	CSCut45972	11.0 (14-May-2015)
  Cisco Prime Network Registrar (CPNR)	CSCut45914	8.1.3.3 (April 2015) 8.2.3 (June 2015) 8.3.1 (July 2015)
  Cisco Prime Optical for SPs	CSCut45919	10.3 patch 1 (April 2015) 10.0 patch 1 (30-April-2015) 9.8 patch 5 (TBD)
  Cisco Prime Performance Manager	CSCut45907	PPM 1.6.0 SP2 (30-May-2015)
  Cisco Quantum Policy Suite (QPS)	CSCut46093	7.5 (TBD)
  Cisco Security Manager	CSCut45947	4.7 (Available) 4.8 4.9 (Available)
  Cisco UCS Central	CSCut45902	1.4(1a) (Dec. 2015)
  Cisco Web Element Manager (WEM)	CSCut45800	No further releases are planned
  Local Collector Appliance (LCA)	CSCut46114	2.2.9 (29-Apr-2015)
  Prime Collaboration Provisioning	CSCut46368	PCP 10.6 (10- April-2015) PCP 11.0 (22-June-2015)
  Security Module for Cisco Network Registrar	CSCut45915	2.2.2 - (April 2015)
  Routing and Switching - Enterprise and Service Provider
  Cisco 910 Industrial Router	CSCut46085	kunpeng 1.2 (24-Apr-2015)
  Cisco ASR 5000 Series	CSCuu83317	V20 (31-Oct-2015)
  Cisco Application Policy Infrastructure Controller (APIC)	CSCut45880	1.0(3j) (30-APR-2015)
  Cisco Connected Grid Router - CGOS	CSCut46303	CG4(4) (1-Apr- 2015)
  Cisco IOS Software and Cisco IOS XE Software	CSCut46130	15.5(01)S (TBD)
  Cisco IOS XE (WebUI feature only)	CSCut46126	16.1 (29-Apr-2015)
  Cisco IOS XR	CSCut45951
  Cisco MDS 9000 Series Multilayer Switches	CSCut45884	5.2 (June 2015) 6.2 (July 2015)
  Cisco Mobile Wireless Transport Manager	CSCut45945	MWTM 6.1.7 (May-2015)
  Cisco Nexus 1000V InterCloud	CSCut45883	Patch will be applied [May-2015]
  Cisco Nexus 1000V Series Switches (Hyper-V)	CSCut45888	5.2(1)SM3(1.1a) (1-Jun-2015)
  Cisco Nexus 1010	CSCut45892	5.2(1)SP1(7.3) : (30-April-2015)
  Cisco Nexus 3000 Series Switches	CSCut45893
  Cisco Nexus 3500 Series Switches	CSCut45894
  Cisco Nexus 4000 Series Blade Switches	CSCut46081	4.1(2)E1(1o) (30-May-2015)
  Cisco Nexus 5000 Series Switches	CSCut45896	7.2 (May-2015)
  Cisco Nexus 6000 Series Switches	CSCut45896	7.2 (May-2015)
  Cisco Nexus 7000 Series Switches	CSCut45885
  Cisco Nexus 9000 (ACI/Fabric Switch)	CSCut45882	11.0(4) (1-May-2015)
  Cisco Nexus 9000 Series Switches	CSCut45886	7.0(3)I1(2) (30-Apr-2015)
  Cisco ONS 15454 Series Multiservice Provisioning Platforms	CSCut46048	10.51 (31-July-2015)
  Cisco OnePK All-in-One VM	CSCut46047	No further releases are planned.
  Cisco Service Control Application for Broadband	CSCut46564	5.2.0 (September 2015)
  Cisco Service Control Collection Manager	CSCut46564	5.2.0 (September 2015)
  Cisco Service Control Engine 1010	CSCut46564	5.2.0 (September 2015)
  Cisco Service Control Engine 2020	CSCut46564	5.2.0 (September 2015)
  Cisco Service Control Engine 8000	CSCut46564	5.2.0 (September 2015)
  Cisco Service Control Subscriber Manager	CSCut46564	5.2.0 (September 2015)
  Routing and Switching - Small Business
  Cisco RV180W Wireless-N Multifunction VPN Router	CSCut46489	No additional releases are planned.
  Cisco Small Business ISA500 Series Integrated Security Appliances	CSCut46058	No further releases are planned.
  Cisco Sx220 switches	CSCut46486	No additional releases are planned.
  Cisco Sx300 switches	CSCut46496	1.4.1.x (1-Nov-2015)
  Cisco Sx500 switches	CSCut46497	1.4.1.x (1-Nov-2015)
  Cisco WAG310G Residential Gateway	CSCut45998	No further releases are planned
  Unified Computing
  Cisco Network Configuration and Change Management Service	CSCut45808	1.5 (2-Apr-2015)
  Cisco UCS C-Series (Standalone Rack) Servers	CSCut45903	Patch is scheduled for (22-May-2015)
  Cisco UCS Invicta Series Solid State Systems	CSCut45897
  Cisco Unified Computing System (Management software)	CSCut46044	A patch will be available (30-Oct-2015)
  Cisco Unified Computing System B-Series (Blade) Servers	CSCut45900	2.2(4) (May 2015)
  Cisco Virtual Security Gateway	CSCut45898	5.2(1)VSG2(1.3) (30-Apr-2015)
  Voice and Unified Communications Devices
  Cisco 190 ATA Series Analog Terminal Adaptor	CSCut46142	1.2.0: (31-Dec-2015)
  Cisco 8800 Series IP Phones - VPN Feature	CSCut46632	10.4(1)(31-Oct-2015)
  Cisco ATA 187 Analog Telephone Adaptor	CSCut46188	9.2(4) (30-Dec-2015)
  Cisco Agent Desktop	CSCut45827	10.0(2) (2-Apr-2015)
  Cisco Computer Telephony Integration Object Server (CTIOS)	CSCut45829	11.0 (April 2015)
  Cisco DX Series IP Phones - Software VPN Feature	CSCut46198	10.2.4 (20-Apr-2015)
  Cisco Emergency Responder	CSCut46165	11.0 (June 2015)
  Cisco Finesse	CSCut46164	Affected systems have been updated.
  Cisco Hosted Collaboration Mediation Fulfillment	CSCut46171	10.6.1 (13-Apr-2015)
  Cisco IM and Presence Service (CUPS)	CSCut46168	11.x (16-April-2015)
  Cisco IP Interoperability and Collaboration System (IPICS)	CSCut45987	5.5 Patch (24-Mar-2015)
  Cisco IP Phone 8800 Series	CSCut46199	10.4 (Oct 2015)
  Cisco MS200X Ethernet Access Switch	CSCut46498	No further releases are planned.
  Cisco MediaSense	CSCut46193	11.0.1 (22-Apr-2015)
  Cisco MeetingPlace	CSCut46180	8.6MR1 (3-Apr-2015)
  Cisco Paging Server (Informacast)	CSCut46607	11.0.1 (June 2015)
  Cisco Paging Server	CSCut46607	11.0.1 (June 2015)
  Cisco Remote Silent Monitoring	CSCut46196	11.0 (June 2015)
  Cisco SPA112 2-Port Phone Adapter	CSCut46059	1.3.7: (31-Dec-2015)
  Cisco SPA122 ATA with Router	CSCut46059	1.3.7: (31-Dec-2015)
  Cisco SPA232D Multi-Line DECT ATA	CSCut46059	1.3.7: (31-Dec-2015)
  Cisco SPA30X Series IP Phones	CSCut46065	7.5.8 (31-Dec-2015)
  Cisco SPA50X Series IP Phones	CSCut46065	7.5.8 (31-Dec-2015)
  Cisco SPA51X Series IP Phones	CSCut46065	7.5.8 (31-Dec-2015)
  Cisco SPA525G	CSCut46063	7.5.8 (31-Dec-2015)
  Cisco Unified 6901 IP Phone	CSCut46182	9.3(2)SR3 (11-Nov-2015)
  Cisco Unified 6911 IP Phone	CSCut46190	9.3(1) SR3 (2-Feb-2016)
  Cisco Unified 6921 IP Phone	CSCut46191	9.4(2)SR2 (31-Dec- 2015)
  Cisco Unified 6945 IP Phone	CSCut46189	9.4(1)SR1 (12-Dec-2015)
  Cisco Unified 7800 Series IP Phones	CSCut46200	10.4(1) (31-Oct-2015)
  Cisco Unified 7962 IP Phone	CSCut46634	9.4(2) (Nov. 2015)
  Cisco Unified 8831 IP Conference Phone	CSCut46620	10.3(2) (Oct. 2015)
  Cisco Unified 8941 IP Phone	CSCut46621	9.4.2 SR2 (12-Dec-2015)
  Cisco Unified 8945 IP Phone	CSCut46183	9.4(2)SR2 (11-Nov-2015)
  Cisco Unified 8961 IP Phone	CSCut46169	9.4(2) (Nov. 2015)
  Cisco Unified Attendant Console Advanced	CSCut46139	A patch is available for vulnerable releases.
  Cisco Unified Attendant Console Business Edition	CSCut46139	A patch is available for vulnerable releases.
  Cisco Unified Attendant Console Department Edition	CSCut46139	A patch is available for vulnerable releases.
  Cisco Unified Attendant Console Enterprise Edition	CSCut46139	A patch is available for vulnerable releases.
  Cisco Unified Attendant Console Premium Edition	CSCut46139	A patch is available for vulnerable releases.
  Cisco Unified Attendant Console Standard	CSCut46140	A patch is available for vulnerable releases.
  Cisco Unified Communications Domain Manager	CSCut46209	8.1.6 (30-Jun-2015)
  Cisco Unified Communications Manager (UCM)	CSCut46146	10.5(2.12019.1) 10.5(2.12900.14) 10.5(2.12900.5) 10.5(2.22900.2) 11.0(0.98000.321) 11.0(0.98000.413) 11.0(1.10000.10) 9.1(2.14900.1)
  Cisco Unified Communications Manager Session Management Edition (SME)	CSCut46146	10.5(2.12019.1) 10.5(2.12900.14) 10.5(2.12900.5) 10.5(2.22900.2) 11.0(0.98000.321) 11.0(0.98000.413) 11.0(1.10000.10) 9.1(2.14900.1)
  Cisco Unified Communications for Microsoft Lync	CSCut46158	10.6.2 (21-Apr-2015)
  Cisco Unified Contact Center Enterprise	CSCut45829	11.0 (April 2015)
  Cisco Unified Contact Center Express	CSCus42785	11.0 (June 2015)
  Cisco Unified IP Conference Phone 8831 for Third-Party Call Control	CSCut46138	9.3(5) (31-Dec-2015)
  Cisco Unified IP Phone 7900 Series (VPN Feature)	CSCut46635	9.4(2) (Nov 2015)
  Cisco Unified IP Phone 7900 Series	CSCut46201	9.4(2)SR2 (25-Dec-2015)
  Cisco Unified Intelligence Center (CUIC)	CSCut45828	11.0(1) (30-June-2015)
  Cisco Unified Intelligent Contact Management Enterprise	CSCut45829	11.0 (April 2015)
  Cisco Unified Quick Connect	CSCut46162	No further releases are planned.
  Cisco Unified Service Monitor	CSCut45925	No future releases planned.
  Cisco Unified Service Statistics Manager	CSCut45922	No further releases are planned.
  Cisco Unified Sip Proxy	CSCut45798	8.06 (19-Jun-2015)
  Cisco Unified Workforce Optimization Quality Management	CSCut46215	10.5 (TBD)
  Cisco Unified Workforce Optimization	CSCut46216	WFM 10.5 SR 6(TBD) WFM 11.0 (TBD)
  Cisco Unity Connection	CSCut46151	11.x (9-Apr-2015)
  Cisco Virtualization Experience Media Engine	CSCut46211	11.0 (June 2015)
  Video, Streaming, TelePresence, and Transcoding Devices
  Cisco AnyRes Live (CAL)	CSCut46530	9.5.1 (01-May-2015)
  Cisco AnyRes VOD (CAL)	CSCut46528
  Cisco Cloud Object Store (COS)	CSCut45991	2.1.2: (Available) 3.0.0: (27-May-2015)
  Cisco D9036 Modular Encoding Platform	CSCut46103	V02.03.xx(30-May- 2015)
  Cisco DCM Series 9900-Digital Content Manager	CSCut45904	16-10 (1-July-2015)
  Cisco Digital Media Manager (DMM)	CSCut45976	5.6.1 (July 2015)
  Cisco Digital Media Player 4310	CSCut46084	5.4(1)RB(2P3) (24-April-2015) 5.3.6RB(2P3) (24-April-2015
  Cisco Digital Media Players (DMP) 4300 Series	CSCut45957	DMM 5.3.6 5.3.6(RB1) 5.4.0 5.4.1 5.4.1(RB1) 5.3.6(RB2) 5.4.1(RB2) (25-Apr-2015)
  Cisco Digital Media Players (DMP) 4400 Series	CSCut45957	DMM 5.3.6 5.3.6(RB1) 5.4.0 5.4.1 5.4.1(RB1) 5.3.6(RB2) 5.4.1(RB2) (25-Apr-2015)
  Cisco Edge 300 Digital Media Player	CSCut46086	1.6RB2_P1 (24-Apr-2015)
  Cisco Edge 340 Digital Media Player	CSCut46083	ce340-1.2-patch-0.6.tar.gz (24-Apr-2015)
  Cisco Enterprise Content Delivery System (ECDS)	CSCut45958	2.6.4 (3-April-2015)
  Cisco Explorer Controller	CSCut46095
  Cisco Expressway Series	CSCut45985	X8.5.2 (25-Mar-2015)
  Cisco Jabber Video for TelePresence (Movi)	CSCut45966	4.8.11 (29-Apr-2015)
  Cisco Media Experience Engines (MXE)	CSCut45969	MXE3500 v3.5 (28-May-2015)
  Cisco Media Services Interface	CSCut45952	4.1.2 (31-Jul-2015)
  Cisco Model D9485 DAVIC QPSK	CSCut46096	1.2.19 (30-Oct-2015)
  Cisco Show and Share (SnS)	CSCut45976	5.6.1 (July 2015)
  Cisco TelePresence 1310	CSCut46136	6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015)
  Cisco TelePresence Advanced Media Gateway Series	CSCut45953	1.1 (24-Apr-2015)
  Cisco TelePresence Conductor	CSCut45954	XC3.0.3 (May 2015)
  Cisco TelePresence Content Server (TCS)	CSCut45978	6.2.1 (30-Apr-2015)
  Cisco TelePresence EX Series	CSCut45977	TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015)
  Cisco TelePresence IP Gateway Series	CSCut45960	No further releases are planned (EOSM)
  Cisco TelePresence IP VCR Series	CSCut45961	No further releases are planned (EOSWM)
  Cisco TelePresence ISDN GW 3241	CSCut45962	7.4 8.0 8.1 (30-June-2015)
  Cisco TelePresence ISDN GW MSE 8321	CSCut45962	7.4 8.0 8.1 (30-June-2015)
  Cisco TelePresence ISDN Link	CSCut45963	1.1.5 (May 2015)
  Cisco TelePresence MCU (8510, 8420, 4200, 4500 and 5300)	CSCut45965	4.5 (30-July-2015 )
  Cisco TelePresence MPS Series	CSCut45967	No further releases are planned (EOSWM)
  Cisco TelePresence MX Series	CSCut45977	TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015)
  Cisco TelePresence MXP Software	CSCut45970	Affected systems have been updated.
  Cisco TelePresence Multipoint Switch (CTMS)	CSCut45956	No additional releases are planned
  Cisco TelePresence Profile Series	CSCut45977	TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015)
  Cisco TelePresence Recording Server (CTRS)	CSCut45964	No additional releases are planned.
  Cisco TelePresence SX Series	CSCut45977	TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015)
  Cisco TelePresence Serial Gateway Series	CSCut45975	1.0MR5 (31-Oct-2015)
  Cisco TelePresence Server 8710, 7010	CSCut45980	4.1MR2 (30-April-2015)
  Cisco TelePresence Server on Multiparty Media 310, 320	CSCut45980	4.1MR2 (30-April-2015)
  Cisco TelePresence Server on Virtual Machine	CSCut45980	4.1MR2 (30-April-2015)
  Cisco TelePresence Supervisor MSE 8050	CSCut45968	2.3MR3 (30-Sept-2015)
  Cisco TelePresence System 1000	CSCut46136	6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015)
  Cisco TelePresence System 1100	CSCut46136	6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015)
  Cisco TelePresence System 1300	CSCut46136	6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015)
  Cisco TelePresence System 3000 Series	CSCut46136	6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015)
  Cisco TelePresence System 500-32	CSCut46136	6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015)
  Cisco TelePresence System 500-37	CSCut46136	6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015)
  Cisco TelePresence TE Software (for E20 - EoL)	CSCut45979	A fix will be released (Aug 2015)
  Cisco TelePresence TX 9000 Series	CSCut46136	6.1.9 (9-Jul-2015) 1.10.12 (9-Jul-2015)
  Cisco TelePresence Video Communication Server (VCS)	CSCut45985	X8.5.2 (25-Mar-2015)
  Cisco TelePresence Integrator C Series	CSCut45977	TC7.3.3 (30-May-2015) TC6.3.4 (30-Apr-2015) CE8.0.0 (30-May-2015)
  Cisco VDS Service Broker	CSCut46101	1.3 (28-Apr-2015)
  Cisco VEN401 Wireless Access Point Product	CSCut45988	1.24.32.78 (1-Sept-2015)
  Cisco VEN501 Wireless Access Point	CSCut45989	20.2.45.1 (12-Oct-2015)
  Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS)	CSCut45992	3.3.1 (30-Apr-2015) 4.0.0 (30-Apr-2015) 4.1.2 (30-Apr-2015)
  Cisco Video Surveillance 3000 Series IP Cameras	CSCut46482	2.7.0 (30-Jul-2015)
  Cisco Video Surveillance 4000 Series High-Definition IP Cameras	CSCut46480	2.4.6 (30-Jul-2015)
  Cisco Video Surveillance 4300E/4500E High-Definition IP Cameras	CSCut46481	3.2.7 (30-Jul-2015)
  Cisco Video Surveillance 6000 Series IP Cameras	CSCut46482	2.7.0 (30-Jul-2015)
  Cisco Video Surveillance 7000 Series IP Cameras	CSCut46482	2.7.0 (30-Jul-2015)
  Cisco Video Surveillance Media Server	CSCut46054	VSM 7.7.0 (30-Sept-2015
  Cisco Video Surveillance PTZ IP Cameras	CSCut46482	2.7.0 (30-Jul-2015)
  Cisco Videoscape Control Suite	CSCut45990	004.001 (6-May-2015)
  Cisco Videoscape Voyager Vantage	CSCut46111	Patch is scheduled (30-May-2015)
  Tandberg Codian ISDN GW 3210/3220/3240	CSCut45962	7.4 8.0 8.1 (30-June-2015)
  Tandberg Codian MSE 8320 model	CSCut45962	7.4 8.0 8.1 (30-June-2015)
  Wireless
  Cisco 3300 Series Mobility Services Engine (MSE)	CSCut45933	8.0.120.0 (30- May-2015)
  Cisco Wireless LAN Controller (WLC)	CSCut45950	8.1/8.0.120.0 (June 2015)
  Cisco Wireless Location Appliance (WLA)	CSCut45932	8.0.120.0 (30-May-2015)
  Cisco Hosted Services
  Cisco Intelligent Automation for Cloud	CSCut45986	4.3 (Aug. 2015)
  Cisco Master Content Rating Database Server (MCRDBS)	CSCut45799	No further releases are planned.
  Cisco One Portal	CSCut45821	1.41 (11-July-2015)
  Cisco Registered Envelope Service (CRES)	CSCut45834	4.4 (30-May-2015)
  Cisco Services Provisioning Platform (SPP)	CSCut46655	Affected systems have been patched.
  Cisco Smart Call Home	CSCut46001	4.001 (6-May-2015)
  Cisco UCS Invicta Series Autosupport Portal	CSCut45873	Patch is scheduled for (15-Apr-2015)
  Cisco Universal Small Cell CloudBase	CSCut46518	TBD
  Cisco WebEx Meetings (Meeting Center, Training Center, Event Center, Support Center)	CSCut45866	7.0(3)I1(2) (30-April-2015)
  Cisco WebEx Messenger Service	CSCut45857	7.9.3 EP1 (21-Mar-2015)
  Network Health Framework (NHF)	CSCut46117	TBD
  Network Performance Analytics (NPA)	CSCut46119
  Partner Supporting Service (PSS) 1.x	CSCut46027	pss2.6 (30-May-2015)
  Small Cell factory recovery root filesystem V2.99.4 or later	CSCut46088	Affected versions have been updated
  Unified Communication Audit Tool (UCAT)	CSCut45911	10.6 (15-May-2015)
  WebEx Meeting Center	CSCut45867	WebEx11 1.3SP15 (30-April-2015)

  Products Confirmed Not Vulnerable

  Endpoint Clients and Client Software
  

  • Cisco IP Communicator
  • Cisco NAC Agent for Mac
  • Cisco NAC Agent for Web
  • Cisco NAC Agent for Windows
  • Cisco Unified Communications Integration for Microsoft Office Communicator
  • Cisco Unified Personal Communicator
  • Cisco WebEx Connect client (Windows)
  • Cisco WebEx Meetings for BlackBerry
  • Cisco WebEx Productivity Tools

  
  Network Application, Service, and Acceleration
  

  • Cisco ACE GSS 4400 Series Global Site Selector
  • Cisco Extensible Network Controller (XNC)
  • Cisco Nexus Data Broker (NDB)

  
  Network and Content Security Devices
  

  • Cisco ASA Content Security and Control (CSC) Security Services Module
  • Cisco Adaptive Security Device Manager
  • Cisco Firewall Services Module

  
  Network Management and Provisioning
  

  • Cisco Application Networking Manager
  • Cisco Configuration Professional
  • Cisco Connected Grid Device Manager
  • Cisco Connected Grid Network Management System
  • Cisco Insight Reporter
  • Cisco Linear Stream Manager
  • Cisco MGC Node Manager (CMNM)
  • Cisco Multicast Manager
  • Cisco Physical Access Manager
  • Cisco Prime Analytics
  • Cisco Prime Cable Provisioning
  • Cisco Prime Central for SPs
  • Cisco Prime Collaboration Manager
  • Cisco Prime Home
  • Cisco Prime Network Services Controller
  • Cisco Prime Provisioning for SPs
  • Cisco Prime Provisioning
  • Cisco Quantum SON Suite
  • Cisco Unified Operations Manager (CUOM)
  • Cisco Unified Provisioning Manager (CUPM)
  • CiscoWorks Network Compliance Manager

  
  Routing and Switching - Enterprise and Service Provider
  

  • Cisco ASR 5000 Series - MCRDBS
  • Cisco Broadband Access Center Telco Wireless
  • Cisco IOS XE (SSL VPN feature)

  
  Voice and Unified Communications Devices
  

  • Cisco Agent Desktop for Cisco Unified Contact Center Express
  • Cisco Billing and Measurements Server
  • Cisco DX Series IP Phones
  • Cisco PSTN Gateway (PGW) 2200
  • Cisco Packaged Contact Center Enterprise
  • Cisco SPA8000 8-port IP Telephony Gateway
  • Cisco SPA8800 IP Telephony Gateway with 4 FXS and 4 FXO Ports
  • Cisco TAPI Service Provider (TSP)
  • Cisco USC8088
  • Cisco Unified 3900 series IP Phones
  • Cisco Unified 7937 IP Phone
  • Cisco Unified Client Services Framework
  • Cisco Unified E-Mail Interaction Manager
  • Cisco Unified Integration for IBM Sametime
  • Cisco Unified Web Interaction Manager
  • Cisco Unified Wireless IP Phone
  • Cisco Virtual PGW 2200 Softswitch
  • Cisco Voice Portal (CVP)
  • xony VIM/CCDM/CCMP

  
  Video, Streaming, TelePresence, and Transcoding Devices
  

  • Cisco D9034-S Encoder
  • Cisco D9054 HDTV Encoder
  • Cisco D9804 Multiple Transport Receiver
  • Cisco D9824 Advanced Multi Decryption Receiver
  • Cisco D9854/D9854-I Advanced Program Receiver
  • Cisco D9858 Advanced Receiver Transcoder
  • Cisco D9859 Advanced Receiver Transcoder
  • Cisco D9865 Satellite Receiver
  • Cisco TelePresence Exchange System (CTX)
  • Cisco TelePresence Management Suite (TMS)
  • Cisco TelePresence Management Suite Analytics Extension (TMSAE)
  • Cisco TelePresence Management Suite Extension (TMSXE)
  • Cisco TelePresence Management Suite Extension for IBM
  • Cisco TelePresence Management Suite Provisioning Extension
  • Cisco TelePresence Manager (CTSMan)

  
  Wireless
  

  • Cisco Wireless Control System (WCS)

  
  Cisco Hosted Services
  

  • Cisco Cloud Web Security
  • Cisco Cloud and Managed Service Platform
  • Cisco Discovery Service
  • Cisco Services Platform Collector (CSPC)
  • Cisco Unified Services Delivery Platform (CUSDP)
  • Cisco Universal Small Cell 5000 Series running V3.4.2.x software
  • Cisco Universal Small Cell 7000 Series running V3.4.2.x software
  • Cisco WebEx WebOffice & Workspace
  • Data Center Analytics Framework (DCAF)
  • Serial Number Assessment Service (SNAS)

Details

• The OpenSSL Project disclosed 13 vulnerabilities on March 19, 2015. One or more of these vulnerabilities affect both client and server installations of OpenSSL. The vulnerability names and the associated Common Vulnerabilities and Exposures (CVE) IDs are as follows.
  
  The impact of these vulnerabilities on Cisco products may vary depending on the affected product.
  
  For Cisco products, please refer to the information provided in the Cisco bug IDs listed in the Affected Products section of this document. Additional information and detailed instructions are available in the Cisco installation, configuration, and maintenance guides for each product. If additional clarification or advice is needed, please contact your support organization.
  

  OpenSSL ASN1_TYPE_cmp Denial of Service Vulnerability

  The vulnerability is due to a failure to properly compare ASN.1 Boolean types when authenticating a client or server via a certificate. An unauthenticated, remote attacker could submit a crafted certificate designed to trigger the error condition on a device that is expecting to evaluate a certificate from a client or server to authenticate.
  
  This vulnerability has been assigned CVE ID CVE-2015-0286.
  

  OpenSSL ASN.1 Structure Reuse Memory Corruption Vulnerability

  The vulnerability is due to improper reuse of an ASN.1 structure by an application that uses OpenSSL to perform certain functions. This vulnerability is not directly exploitable via an SSL or TLS connection itself, but instead would require that data be processed by an affected application that uses an affected OpenSSL structure. An attacker who can identify an affected application could submit data that is designed to trigger the vulnerability, resulting in a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0287.
  

  OpenSSL PKCS7 NULL Pointer Dereference Denial of Service Vulnerability

  The vulnerability is due to a failure to properly handle a PCKS#7 certificate that is missing the outer ContentInfo element. This vulnerability is not directly exploitable via an SSL or TLS connection and can be triggered only by causing OpenSSL to operate on a malformed PCKS#7 certification directly. An attacker who can cause the certificate to be parsed can craft a malformed ASN.1-encoded PKCS#7 blob designed to trigger the vulnerability, resulting in a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0289.
  

  OpenSSL Base64 Decoding Memory Corruption Vulnerability

  The vulnerability is due to a failure to properly parse Base64-encoded data processed by OpenSSL. An unauthenticated, remote attacker who can cause OpenSSL to operate on malformed Base64 data could trigger an integer underflow condition. This may lead to a buffer overflow condition that could result in a DoS condition or the create the potential to execute arbitrary code in certain situations.
  
  This vulnerability has been assigned CVE ID CVE-2015-0292.
  

  OpenSSL SSLv2 CLIENT-MASTER-KEY Denial of Service Vulnerability

  The vulnerability is due to a failure to properly process certain SSLv2 messages when both SSLv2 and export-grade cipher suites are enabled. An unauthenticated, remote attacker could submit a malformed SSLv2 CLIENT-MASTER-KEY message designed to trigger the vulnerability on an affected device.
  
  This vulnerability has been assigned CVE ID CVE-2015-0293.
  

  OpenSSL Elliptic Curve d2i_ECPrivateKey Denial of Service Vulnerability

  The vulnerability is due to an improperly handled error condition when importing an invalid elliptic curve (EC) private key via the d2i_ECPrivateKey function. This vulnerability cannot be exploited directly via an SSL/TLS client or server connection, but could affect a protocol that uses the OpenSSL library to perform EC operations. An unauthenticated, remote attacker who can identify an affected application could submit a malformed EC private key designed to trigger the vulnerability. A successful attack may result in a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0209.
  

  OpenSSL X.509 to PKCS#10 Denial of Service Vulnerability

  The vulnerability is due to a failure to properly handle a malformed certificate when converting from an X.509 certificate to a PKCS#10 certificate request. An attacker who can identify an application that uses OpenSSL to perform a conversion from a certificate to a certificate request could submit a certificate designed to trigger the vulnerability to an affected device. If successful, the attacker could create a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0288.
  

  No Cisco Products Are Affected by the Following Six Vulnerabilities

  OpenSSL ClientHello sigalgs Denial of Service Vulnerability

  The vulnerability is due to insufficient validation of signature algorithm extensions by the affected software. An unauthenticated, remote attacker on an OpenSSL client could exploit this vulnerability by establishing a connection with a targeted OpenSSL server and sending a renegotiation request to the server using a crafted signature algorithm extension. A NULL pointer deference condition could occur, resulting in a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0291.
  

  OpenSSL Multiblock Denial of Service Vulnerability

  The vulnerability is due to a defect in the "multiblock" feature of OpenSSL that could cause an internal write buffer to become incorrectly set to NULL when using nonblocking IO. An unauthenticated, remote attacker who can submit a properly malformed request to an affected device could trigger a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0290.
  

  OpenSSL DTLSv1_listen SSL Object Corruption Denial of Service Vulnerability

  A vulnerability in the DTLSv1_listen feature due to an unhandled error condition could cause an SSL object to fail to be properly cleared between connections. An unauthenticated, remote attacker who can trigger the error condition could trigger a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0207.
  

  OpenSSL Invalid Probabilistic Signature Scheme Parameters Denial of Service Vulnerability

  A vulnerability in the OpenSSL RSA probabilistic signature scheme (PSS) could be triggered when invalid parameters are presented as part of an ASN.1 encoded signature; validation of such signatures is common when certificate-based authentication has been enabled. An unauthenticated, remote attacker could submit a certificate designed to trigger the vulnerability to create a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0208.
  

  OpenSSL Empty ClientKeyExchange Denial of Service Vulnerability

  A vulnerability in OpenSSL exists when Diffie-Hellman cipher suites are selected and a zero-length ClientKeyExchange message is received by a server. An unauthenticated, remote attacker could exploit this vulnerability by submitting a crafted request to an affected device, which could result in a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-0286.
  

  OpenSSL Handshake with Unseeded PRNG Predictable Value Vulnerability

  A vulnerability exists under specific conditions when an affected client completes an SSL/TLS connection with an improperly initialized pseudorandom number generator (PRNG). When this issue occurs, the connection may be improperly secured because predictable values are used to secure the connection. This could lead to the disclosure of sensitive information.
  
  This vulnerability has been assigned CVE ID CVE-2015-0286.

Workarounds

• For potential workarounds on a specific Cisco product, refer to the Cisco bug ID, which is available from the Cisco Bug Search Tool.

Fixed Software

• When considering software upgrades, customers are advised to consult the Cisco Security Advisories, Responses, and Alerts archive at http://www.cisco.com/go/psirt and review subsequent advisories to determine exposure and a complete upgrade solution.
  
  In all cases, customers should ensure that the devices to upgrade contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Exploitation and Public Announcements

• The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerabilities that are described in this advisory.
  
  These vulnerabilities were publicly disclosed by the OpenSSL Project on March 19, 2015.

URL

• http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150320-openssl

Revision History

• Version	Description	Section	Status	Date
  1.15	Backend Database changes to support Cisco IOS Software Checker.	N/A	Final	2016-January-11
  1.14	Updated information about the first fixed release for WSA.	Affected Products - Vulnerable Products	Final	2016-January-04
  1.13	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-August-28
  1.12	Updated Affected Products section - Vulnerable Products.			2015-July-09
  1.11	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-June-26
  1.10	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-June-08
  1.9	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-May-22
  1.8	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-May-08
  1.7	Updated Affected Products section - Vulnerable Products.			2015-May-01
  1.6	Updated Affected Products section - Vulnerable Products.			2015-April-24
  1.5	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-April-17
  1.4	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-April-10
  1.3	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-April-01
  1.2	Updated Affected Products section - Vulnerable/Not Vulnerable Products.			2015-March-26
  1.1	Corrected CVSS score for CVE-2015-0288. Updated Affected Products section - Vulnerable/Not Vulnerable Products. Corrected minor typographical errors.			2015-March-23
  1.0	Initial public release.			2015-March-20

  Show Complete History...