Lucene search

CiscoCISCO-SA-20160927-OPENSSL

HistorySep 27, 2016 - 10:40 p.m.

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016

2016-09-2722:40:00

tools.cisco.com

242

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

Low

0.911 High

EPSS

Percentile

98.9%

JSON

On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as “Critical Severity,” one as “Moderate Severity,” and the other 12 as “Low Severity.”

Subsequently, on September 26, the OpenSSL Software Foundation released an additional advisory that describes two new vulnerabilities. These vulnerabilities affect the OpenSSL versions that were released to address the vulnerabilities disclosed in the previous advisory. One of the new vulnerabilities was rated as “High Severity” and the other as “Moderate Severity.”

Of the 16 released vulnerabilities:

Fourteen track issues that could result in a denial of service (DoS) condition
One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality
One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system
Five of the 16 vulnerabilities exclusively affect the recently released OpenSSL versions that are part of the 1.1.0 release series, which has not yet been integrated into any Cisco product.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl”]

Affected configurations

Vulners

Node

ciscoapplication_and_content_networking_system_softwareMatchany

ciscoprime_access_registrarMatchany

ciscoemergency_responderMatchany

ciscounified_contact_center_expressMatchany

ciscoios_xr_softwareMatchany

ciscocisco_ons_15454_system_softwareMatchany

ciscounity_expressMatchany

cisconac_guest_server_softwareMatchany

ciscointrusion_prevention_systemMatchany

ciscoadaptive_security_virtual_applianceMatchany

ciscoace_application_control_engine_module_a1Matchany

ciscowide_area_application_servicesMatchany

ciscowireless_lan_controller_6.0Matchany

ciscounified_contact_center_enterpriseMatchany

ciscounified_meetingplaceMatchany

ciscoip_interoperability_and_collaboration_systemMatchany

ciscounity_connectionMatchany

ciscotelepresence_managerMatchany

ciscosecurity_managerMatchany

ciscoace_application_control_engine_module_a1Matchany

ciscounified_contact_center_expressMatchany

ciscorvs4000_softwareMatchany

ciscovideo_surveillance_media_serverMatchany

ciscodigital_media_managerMatchany

ciscoprime_network_analysis_module_softwareMatchany

ciscowebex_event_centerMatchany

ciscowebex_meeting_centerMatchany

ciscowebex_support_centerMatchany

ciscowebex_training_centerMatchany

cisconetwork_admission_controlMatchany

ciscoanyconnect_secure_mobility_clientMatchany

ciscoshow_and_shareMatchany

ciscomobility_services_engineMatchany

ciscoidentity_services_engine_softwareMatchany

ciscotelepresence_video_communication_server_softwareMatchany

ciscoprime_data_center_network_managerMatchany

ciscosmall_business_220_series_smart_plus_switchesMatchany

ciscoata_187_analog_telephone_adaptorMatchany

ciscoprime_lan_management_solutionMatchany

ciscounified_communications_domain_managerMatchany

ciscoemail_security_virtual_applianceMatchany

ciscocontent_security_management_virtual_applianceMatchany

ciscoprime_infrastructureMatchany

ciscoconnected_grid_network_management_systemMatchany

ciscojabber_imMatchanyandroid

ciscowebex_meetings_serverMatchany

ciscowebex_node_for_mcsMatchany

ciscounified_computing_system_central_softwareMatchany

ciscojabberMatchanywindows

ciscoenterprise_content_delivery_systemMatchany

ciscoasr_5000_series_softwareMatchany

ciscounified_ip_phone_8945Matchany

ciscosocialminerMatchany

ciscomediasenseMatchany

ciscotelepresence_managerMatchany

ciscovideo_surveillance_ip_gateway_encoder_decoderMatchany

ciscounified_sip_proxyMatchany

ciscovirtualization_experience_media_engineMatchany

ciscocisco_nexus_1000v_intercloudMatchanyvmware

ciscoprime_network_registrarMatchany

ciscoucs_directorMatchany

ciscodigital_content_managerMatchany

ciscounified_intelligence_centerMatchany

ciscocisco_nexus_1000v_intercloudMatchanyvmware

ciscoexpresswayMatchany

ciscoprime_opticalMatchany

ciscojabber_guestMatchany

ciscodesktop_collaboration_experienceMatchany

ciscotelepresence_serial_gatewayMatchany

ciscoprime_license_managerMatchany

ciscoprime_collaboration_deploymentMatchany

ciscoacs_for_windowsMatchany

ciscoip_contact_center_expressMatchany

ciscovirtual_topology_systemMatchany

ciscoprime_network_services_controllerMatchany

ciscotelepresence_isdn_gateway_softwareMatchany

ciscotelepresence_conductorMatchany

ciscounified_workforce_optimizationMatchanysr7

ciscovideo_surveillance_ip_gateway_encoder_decoderMatchany

ciscowebex_meetingsMatchanyandroid

ciscowebex_meetingsMatchanywindows

ciscofirepower_system_softwareMatchany

ciscoip_phone_8800_seriesMatchany

ciscoucs_b-series_blade_server_softwareMatchany

ciscoprime_collaboration_assuranceMatchany

ciscoprime_collaboration_provisioningMatchany

ciscojabber_software_development_kitMatchany

ciscojabberMatchanymac

ciscojabberMatchany

ciscoapplication_policy_infrastructure_controllerMatchanyc

ciscopacket_tracerMatchany

ciscoprime_networkMatchany

ciscoprime_security_managerMatchany

ciscoagent_desktopMatchany

ciscoip_phone_8800_seriesMatchany

ciscopaging_serverMatchany

ciscocisco_spa112Matchany

ciscoataMatchany

ciscounified_attendant_console_advancedMatchany

ciscovideoscape_distribution_suite_optimization_engineMatchany

ciscoip_phone_8800_seriesMatchany

cisconx-osMatchanynexus_9000_series

ciscocisco_policy_suiteMatchany

ciscosmall_business_220_series_smart_plus_switchesMatchany

ciscohosted_collaboration_mediation_fulfillmentMatchany

ciscoregistered_envelope_serviceMatchany

ciscoapplication_and_content_networking_system_softwareMatchany

ciscoprime_access_registrarMatchany

ciscoemergency_responderMatchany

ciscounified_contact_center_expressMatchany

ciscoios_xr_softwareMatchany

ciscoonsMatch15454_system_software

ciscounity_expressMatchany

cisconac_guest_server_softwareMatchany

ciscointrusion_prevention_systemMatchany

ciscoadaptive_security_virtual_applianceMatchany

ciscoace_application_control_engine_module_a1Matchany

ciscowide_area_application_servicesMatchany

ciscowireless_lan_controller_6.0Matchany

ciscounified_contact_center_enterpriseMatchany

ciscounified_meetingplaceMatchany

ciscoip_interoperability_and_collaboration_systemMatchany

ciscounity_connectionMatchany

ciscotelepresence_managerMatchany

ciscosecurity_managerMatchany

ciscoace_application_control_engine_module_a1Match4700_series_application_control_engine_appliances

ciscounified_contact_center_expressMatchany

ciscorvs4000_softwareMatchany

ciscovideo_surveillance_media_serverMatchany

ciscodigital_media_managerMatchany

ciscoprime_network_analysis_module_softwareMatchany

ciscowebex_event_centerMatchany

ciscowebex_meeting_centerMatchany

ciscowebex_support_centerMatchany

ciscowebex_training_centerMatchany

cisconetwork_admission_controlMatchany

ciscoanyconnect_secure_mobility_clientMatchany

ciscoshow_and_shareMatchany

ciscomobility_services_engineMatchany

ciscoidentity_services_engine_softwareMatchany

ciscotelepresence_video_communication_server_softwareMatchany

ciscoprime_data_center_network_managerMatchany

ciscosmall_business_srp520_series_firmwareMatch300_series_managed_switches

ciscosmall_business_srp520_series_firmwareMatch500_series_stackable_managed_switches

ciscoataMatch187_analog_telephone_adaptor

ciscoprime_lan_management_solutionMatchany

ciscounified_communications_domain_managerMatchany

ciscoemail_security_virtual_applianceMatchany

ciscocontent_security_management_virtual_applianceMatchany

ciscoprime_infrastructureMatchany

ciscoconnected_grid_network_management_systemMatchany

ciscojabber_imMatchanyandroid

ciscowebex_meetings_serverMatchany

ciscowebex_node_for_mcsMatchany

ciscounified_computing_system_central_softwareMatchany

ciscojabberMatchanywindows

ciscoenterprise_content_delivery_systemMatchany

ciscoasr_5000_series_softwareMatch5000_series_software

ciscounified_ip_phoneMatch8945

ciscosocialminerMatchany

ciscomediasenseMatchany

ciscotelepresence_managerMatchany

ciscovideo_surveillance_softwareMatch4000_series_ip_camera

ciscounified_sip_proxyMatchany

ciscocisco_mxeMatch3500_\(media_experience_engine\)

cisconexus_insightsMatch1000v_intercloud_for_vmware

ciscoprime_network_registrarMatchany

ciscoucs_directorMatchany

ciscodigital_content_managerMatchany

ciscounified_intelligence_centerMatchany

cisconexus_insightsMatch1000v_switch

ciscoexpresswayMatchany

ciscoprime_opticalMatchany

ciscojabber_guestMatchany

ciscodesktop_collaboration_experienceMatchany

ciscotelepresence_serial_gatewayMatchany

ciscoprime_license_managerMatchany

ciscoprime_collaboration_deploymentMatchany

ciscoacs_for_windowsMatchany

ciscoip_contact_center_expressMatchany

ciscovirtual_topology_systemMatchany

ciscoprime_network_services_controllerMatchany

ciscotelepresence_isdn_gateway_softwareMatchany

ciscotelepresence_conductorMatchany

ciscounified_workforce_optimizationMatchanysr7

ciscovideo_surveillance_softwareMatch3000_series_ip_cameras

ciscovideo_surveillance_softwareMatch6000_series_ip_cameras

ciscovideo_surveillance_softwareMatch7000_series_ip_cameras

ciscovideo_surveillance_ip_gateway_encoder_decoderMatchany

ciscowebex_meetingsMatchanyandroid

ciscowebex_meetingsMatch8windows

ciscofirepower_system_softwareMatchany

ciscoip_phone_8800_seriesMatch8800_series_software

ciscoucs_b-series_blade_server_softwareMatchany

ciscoprime_collaboration_assuranceMatchany

ciscoprime_collaboration_provisioningMatchany

ciscojabber_software_development_kitMatchany

ciscojabberMatchanymac

ciscojabberMatchany

ciscoapplication_policy_infrastructure_controllerMatchanyc

ciscopacket_tracerMatchany

ciscoprime_networkMatchany

ciscoprime_security_managerMatchany

ciscoagent_desktopMatchany

ciscoip_phone_8800_seriesMatchany

ciscopaging_serverMatchany

ciscocisco_spa112Match2-port_phone_adapter

ciscoataMatchany

ciscounified_attendant_console_advancedMatchany

ciscovideoscape_distribution_suite_optimization_engineMatchany

ciscoip_phone_8800_seriesMatch7800_series

ciscounified_ip_phoneMatch7900_series

cisconexus_insightsMatch3000_series_switch

ciscocisco_policy_suiteMatchany

ciscosmall_business_srp520_series_firmwareMatch220_series_smart_plus_switches

ciscohosted_collaboration_mediation_fulfillmentMatchany

ciscoregistered_envelope_serviceMatchany

CPENameOperatorVersion
cisco application and content networking system (acns) softwareeqany
cisco prime access registrareqany
cisco emergency respondereqany
cisco unified contact centereqany
cisco ios xr softwareeqany
cisco ons 15454 system softwareeqany
cisco unity expresseqany
cisco nac appliance softwareeqany
intrusion prevention system (ips)eqany
cisco adaptive security appliance (asa) softwareeqany

Name	Operator	Version
cisco application and content networking system (acns) software	eq	any
cisco prime access registrar	eq	any
cisco emergency responder	eq	any
cisco unified contact center	eq	any
cisco ios xr software	eq	any
cisco ons 15454 system software	eq	any
cisco unity express	eq	any
cisco nac appliance software	eq	any
intrusion prevention system (ips)	eq	any
cisco adaptive security appliance (asa) software	eq	any