On January 3, 2018, researchers disclosed three vulnerabilities that take advantage of the implementation of speculative execution of instructions on many modern microprocessor architectures to perform side-channel information disclosure attacks. These vulnerabilities could allow an unprivileged local attacker, in specific circumstances, to read privileged memory belonging to other processes or memory allocated to the operating system kernel. The first two vulnerabilities, CVE-2017-5753 and CVE-2017-5715, are collectively known as Spectre. The third vulnerability, CVE-2017-5754, is known as Meltdown. The vulnerabilities are all variants of the same attack and differ in the way that speculative execution is exploited.
To exploit any of these vulnerabilities, an attacker must be able to run crafted code on an affected device. Although the underlying CPU and operating system combination in a product or service may be affected by these vulnerabilities, the majority of Cisco products are closed systems that do not allow customers to run custom code and are, therefore, not vulnerable. There is no vector to exploit them. Cisco products are considered potentially vulnerable only if they allow customers to execute custom code side-by-side with Cisco code on the same microprocessor.
A Cisco product that may be deployed as a virtual machine or a container, even while not directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable. Cisco recommends that customers harden their virtual environments, tightly control user access, and ensure that all security updates are installed. Customers who are deploying products as a virtual device in multi-tenant hosting environments should ensure that the underlying hardware, as well as operating system or hypervisor, is patched against the vulnerabilities in question.
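
An added example, not part of the Cisco advisory: one way to check whether a Linux host or hypervisor reports mitigations for the three CVEs above, as recommended for hosting environments. It assumes the host kernel exposes the standard `/sys/devices/system/cpu/vulnerabilities` files; the function names and the sample status files are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Assumption: the hosting environment is Linux and reports status through sysfs.
SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"
CVE_FILES = {"CVE-2017-5753": "spectre_v1",   # Spectre
             "CVE-2017-5715": "spectre_v2",   # Spectre
             "CVE-2017-5754": "meltdown"}     # Meltdown


def classify(status):
    """Map one kernel status line to not_affected / mitigated / vulnerable / unknown."""
    text = status.strip()
    if text == "Not affected":
        return "not_affected"
    for prefix, state in (("Mitigation:", "mitigated"), ("Vulnerable", "vulnerable")):
        if text.startswith(prefix):
            return state
    return "unknown"


def check_host(sysfs_dir=SYSFS_DIR):
    """Return {cve: (state, raw_status)} for the three CVEs in the advisory."""
    report = {}
    for cve, name in CVE_FILES.items():
        try:
            raw = (Path(sysfs_dir) / name).read_text().strip()
        except OSError:
            raw = ""  # file absent: the kernel gives no status for this CVE
        report[cve] = (classify(raw), raw)
    return report


def needs_patching(report):
    """CVEs where the host is vulnerable or silent; silence is treated as unpatched."""
    return sorted(c for c, (state, _) in report.items() if state in ("vulnerable", "unknown"))


def sample_host():
    """Constructed sample: Meltdown mitigated, Spectre v2 vulnerable, no spectre_v1 file."""
    d = Path(tempfile.mkdtemp())
    (d / "meltdown").write_text("Mitigation: PTI\n")
    (d / "spectre_v2").write_text("Vulnerable: Minimal generic ASM retpoline\n")
    return d


if __name__ == "__main__":
    report = check_host(SYSFS_DIR if Path(SYSFS_DIR).is_dir() else sample_host())
    print(report, "-> patch for:", needs_patching(report))
```

Run it on the host or hypervisor itself; inside a guest virtual machine the files describe the guest kernel only.
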
Although Cisco cloud services are not directly affected by these vulnerabilities, the infrastructure on which they run may be impacted. Refer to the “Affected Products” section of this advisory for information about the impact of these vulnerabilities on Cisco cloud services. Cisco will release software updates that address these vulnerabilities. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel
No products are currently under active investigation to determine whether they are affected by the vulnerability that is described in this advisory.
The following table lists Cisco products and cloud services that are affected by the vulnerabilities described in this advisory:
Product | Cisco Bug ID | Fixed Release Availability |
---|---|---|
Network Application, Service, and Acceleration | ||
Cisco Cloud Services Platform 2100 | CSCvh42644 | Consult the Cisco bug ID for details |
Cisco Network Functions Virtualization Infrastructure Software | CSCvh49919 | Consult the Cisco bug ID for details |
Cisco Nexus 3000 Series Switches | CSCvh42392 | Consult the Cisco bug ID for details |
Cisco Nexus 9000 Series Switches - Standalone, NX-OS mode | CSCvh42392 | Consult the Cisco bug ID for details |
Cisco Wide Area Application Services (WAAS) | CSCvh49646 | Update to v6.x (Available) |
Cisco vBond Orchestrator | - | 18.2 (Available) |
Cisco vEdge 5000 | - | 18.2 (Available) |
Cisco vEdge Cloud | - | 18.2 (Available) |
Cisco vManage NMS | - | |
Cisco vSmart Controller | - | 18.2 (Available) |
Network Management and Provisioning | ||
Cisco Application Policy Infrastructure Controller (APIC) | CSCvh58549 | 3.2(1l) (Available) |
Cisco Evolved Programmable Network Manager | CSCvh64005 | Consult the Cisco bug ID for details |
Cisco Virtual Application Policy Infrastructure Controller (APIC) | CSCvh58549 | 3.2(1l) (Available) |
Routing and Switching - Enterprise and Service Provider | ||
Cisco 4000 Series Integrated Services Routers (IOS XE Open Service Containers) - Meltdown | CSCvh42416 | 16.3.7 (June-2018) |
Cisco 4000 Series Integrated Services Routers (IOS XE Open Service Containers) - Spectre v1, v2, v3 | CSCvj59152 | A fix is pending on upstream vendors |
Cisco 800 Industrial Integrated Services Routers (IOx feature) | CSCvh41418 | Consult the Cisco bug ID for details |
Cisco ASR 1000 Series Aggregation Services Router with RP2 or RP3 (IOS XE Open Service Containers) - Meltdown | CSCvh42416 | 16.3.7 (June-2018) |
Cisco ASR 1000 Series Aggregation Services Router with RP2 or RP3 (IOS XE Open Service Containers) - Spectre v1, v2, v3 | CSCvj59152 | A fix is pending on upstream vendors |
Cisco ASR 1001-HX Series Aggregation Services Routers (IOS XE Open Service Containers) - Meltdown | CSCvh42416 | 16.3.7 (June-2018) |
Cisco ASR 1001-HX Series Aggregation Services Routers (IOS XE Open Service Containers) - Spectre v1, v2, v3 | CSCvj59152 | A fix is pending on upstream vendors |
Cisco ASR 1001-X Series Aggregation Services Routers (IOS XE Open Service Containers) - Meltdown | CSCvh42416 | 16.3.7 (June-2018) |
Cisco ASR 1001-X Series Aggregation Services Routers (IOS XE Open Service Containers) - Spectre v1, v2, v3 | CSCvj59152 | A fix is pending on upstream vendors |
Cisco ASR 1002-HX Series Aggregation Services Routers (IOS XE Open Service Containers) - Meltdown | CSCvh42416 | 16.3.7 (June-2018) |
Cisco ASR 1002-HX Series Aggregation Services Routers (IOS XE Open Service Containers) - Spectre v1, v2, v3 | CSCvj59152 | A fix is pending on upstream vendors |
Cisco ASR 1002-X Series Aggregation Services Routers (IOS XE Open Service Containers) - Meltdown | CSCvh42416 | 16.3.7 (June-2018) |
Cisco ASR 1002-X Series Aggregation Services Routers (IOS XE Open Service Containers) - Spectre v1, v2, v3 | CSCvj59152 | A fix is pending on upstream vendors |
Cisco ASR 9000 XR 64-bit Series Routers | CSCvh42429 | Consult the Cisco bug ID for details |
Cisco CGR 1000 Compute Module (IOx feature) | CSCvh42516 | Consult the Cisco bug ID for details |
Cisco Catalyst 9300 Series Switches (Open Service Container or IOx feature) | CSCvh44164 | 16.6.3 16.7.2 16.8.1 16.9.1 (June-2018) |
Cisco Catalyst 9400 Series Switches (Open Service Container or IOx feature) | CSCvh44165 | 16.6.3 16.7.2 16.8.1 16.9.1 (June-2018) |
Cisco Catalyst 9500 Series Switches (Open Service Container or IOx feature) | CSCvh44166 | 16.6.3 16.7.2 16.8.1 16.9.1 (June-2018) |
Cisco Cloud Services Router 1000V Series (IOS XE Open Service Containers) - Meltdown | CSCvh42416 | 16.3.7 (June-2018) |
Cisco Cloud Services Router 1000V Series (IOS XE Open Service Containers) - Spectre v1, v2, v3 | CSCvj59152 | A fix is pending on upstream vendors |
Cisco NCS 1000 Series Routers | CSCvh42429 | Consult the Cisco bug ID for details |
Cisco NCS 5000 Series Routers | CSCvh42429 | Consult the Cisco bug ID for details |
Cisco NCS 5500 Series Routers | CSCvh42429 | Consult the Cisco bug ID for details |
Cisco Nexus 3500 Series Switches | CSCvh42393 | No fix expected |
Cisco Nexus 5000 Series Switches (OAC feature) | CSCvh42394 | Consult the Cisco bug ID for details |
Cisco Nexus 6000 Series Switches (OAC feature) | CSCvh42390 | Consult the Cisco bug ID for details |
Cisco Nexus 7000 Series Switches (OAC feature, Feature Bash) | CSCvh42390 | Consult the Cisco bug ID for details |
Cisco XRv 9000 Series Routers | CSCvh42429 | Consult the Cisco bug ID for details |
Cisco c800 Series Integrated Services Routers (IOx feature) | CSCvh51582 | Consult the Cisco bug ID for details |
Unified Computing | ||
Cisco C880 M4 Server | CSCvh66783 | Consult the Cisco bug ID for details |
Cisco C880 M5 Server | CSCvh66783 | Consult the Cisco bug ID for details |
Cisco Enterprise Network Compute System 5100 Series Servers | CSCvh48274 | UCS E-Series M2 Servers - Single-wide: v1.5.0.7 UCS E-Series M2 Servers - Double-wide: v2.5.0.5 UCS E-Series M3 Servers - Consult the Cisco Bug ID for details |
Cisco Enterprise Network Compute System 5400 Series Servers | CSCvh48274 | UCS E-Series M2 Servers - Single-wide: v1.5.0.7 UCS E-Series M2 Servers - Double-wide: v2.5.0.5 UCS E-Series M3 Servers - Consult the Cisco Bug ID for details |
Cisco HyperFlex with VMWare Hypervisor | CSCvh68612 | HX 2.5.1d HX 2.6.1d HX 3.0.1a (Available) |
Cisco UCS B-Series M2 Blade Servers | CSCvh41576 | UCS B-Series M2 Blade Servers - UCS Manager 2.2(8j) (Apr-2018) UCS Manager 3.1(3h) (May-2018) UCS Manager 3.2(3b) (May-2018) UCS C-Series M2 Rack Servers - UCS Manager 2.2(8j) (Apr-2018) IMC 1.4(3z08) (Apr-2018) / 1.5(9e) (Apr-2018) |
Cisco UCS B-Series M3 Blade Servers | CSCvg97965 | UCS B-Series M3 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS C-Series M3 Rack Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) UCS Manager 2.2(8j) (Apr-2018) IMC 3.0(4a) (Mar-2018) IMC 2.0(9n) (Apr-2018) |
Cisco UCS B-Series M4 Blade Servers (except B260, B460) | CSCvg97979 | UCS B-Series M4 Blade Servers (except B260 B460) 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS C-Series M4 Rack Servers (except C460) 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) IMC 3.0(4a) (Mar-2018) IMC 2.0(10i) (Apr-2018) UCS S3260 M4 Storage Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) IMC 3.0(4a) (Mar-2018) |
Cisco UCS B-Series M5 Blade Servers | CSCvh41577 | UCS B-Series M5 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) UCS C-Series M5 Rack Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) IMC 3.1(3a) (Mar-2018) |
Cisco UCS B260 M4 Blade Server | CSCvg98015 | UCS B260 M4 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS B460 M4 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS C460 M4 Rack Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) |
Cisco UCS B460 M4 Blade Server | CSCvg98015 | UCS B260 M4 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS B460 M4 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS C460 M4 Rack Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) |
Cisco UCS C-Series M2 Rack Servers | CSCvh41576 | UCS B-Series M2 Blade Servers - UCS Manager 2.2(8j) (Apr-2018) UCS Manager 3.1(3h) (May-2018) UCS Manager 3.2(3b) (May-2018) UCS C-Series M2 Rack Servers - UCS Manager 2.2(8j) (Apr-2018) IMC 1.4(3z08) (Apr-2018) / 1.5(9e) (Apr-2018) |
Cisco UCS C-Series M3 Rack Servers | CSCvg97965 | UCS B-Series M3 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS C-Series M3 Rack Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) UCS Manager 2.2(8j) (Apr-2018) IMC 3.0(4a) (Mar-2018) IMC 2.0(9n) (Apr-2018) |
Cisco UCS C-Series M4 Rack Servers (except C460) 1 | CSCvg97979 | UCS B-Series M4 Blade Servers (except B260 B460) 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS C-Series M4 Rack Servers (except C460) 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) IMC 3.0(4a) (Mar-2018) IMC 2.0(10i) (Apr-2018) UCS S3260 M4 Storage Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) IMC 3.0(4a) (Mar-2018) |
Cisco UCS C-Series M5 Rack Servers 1 | CSCvh41577 | UCS B-Series M5 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) UCS C-Series M5 Rack Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) IMC 3.1(3a) (Mar-2018) |
Cisco UCS C460 M4 Rack Server | CSCvg98015 | UCS B260 M4 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS B460 M4 Blade Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS C460 M4 Rack Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) |
Cisco UCS E-Series M2 Servers | CSCvh48274 | UCS E-Series M2 Servers - Single-wide: v1.5.0.7 UCS E-Series M2 Servers - Double-wide: v2.5.0.5 UCS E-Series M3 Servers - Consult the Cisco Bug ID for details |
Cisco UCS E-Series M3 Servers | CSCvh48274 | UCS E-Series M2 Servers - Single-wide: v1.5.0.7 UCS E-Series M2 Servers - Double-wide: v2.5.0.5 UCS E-Series M3 Servers - Consult the Cisco Bug ID for details |
Cisco UCS M-Series Modular Servers | CSCvh55760 | No fix expected |
Cisco UCS S3260 M4 Storage Server | CSCvg97979 | UCS B-Series M4 Blade Servers (except B260 B460) 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) UCS C-Series M4 Rack Servers (except C460) 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) 2.2(8j) (Apr-2018) IMC 3.0(4a) (Mar-2018) IMC 2.0(10i) (Apr-2018) UCS S3260 M4 Storage Servers 3.2(3a) (Mar-2018) 3.2(2f) (Mar-2018) 3.1(3f) (Mar-2018) IMC 3.0(4a) (Mar-2018) |
Voice and Unified Communications Devices | ||
Cisco Remote Expert Mobile | CSCvh58132 | 11.6(1)ES3 11.5(1)ES8 (Available) |
Wireless | ||
Cisco Wireless Gateway for LoRaWAN | CSCvh58504 | Consult the Cisco bug ID for details |
Cisco Cloud Hosted Services | ||
Cisco Metacloud | CSCvh53992 | Meltdown and Spectre variant 1 (v4.7) (Feb-2018) Spectre variant 2 (Apr-2018) |
Cisco Threat Grid | - | v2.4.3 (Available) |
For information about fixed software releases, consult the Cisco bugs identified in the “Vulnerable Products” section of this advisory.
When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
The vulnerabilities described in this advisory were discussed in several articles and discussion forums as of January 3, 2018.
The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerabilities that are described in this advisory.
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Version | Description | Section | Status | Date |
---|---|---|---|---|
1.31 | Updated Vulnerable Products table with fixed version information for multiple products. | Vulnerable Products | Interim | 2018-July-06 |
1.30 | Updated Vulnerable Products table with fixed version information for UCS E-Series M2 Servers. | Vulnerable Products | Interim | 2018-June-27 |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.