Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products

cisco-sa-20160129-openssl · High · Published · Updated

On January 28, 2016, the OpenSSL Project released a security advisory detailing two vulnerabilities. Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks on an SSL/TLS connection. This advisory will be updated as additional information becomes available. Cisco will release software updates that address these vulnerabilities. Workarounds that address these vulnerabilities are not available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl

Cisco advisory · CSAF JSON

Workarounds

Any workarounds will be documented in the Cisco bugs, which are accessible through the Cisco Bug Search Tool ["https://bst.cloudapps.cisco.com/bugsearch/bug/BUGID"].

CVEsCVE-2015-3197, CVE-2016-0701
Cisco Bug IDsCSCuy07208, CSCuy07223, CSCuy07225, CSCuy07230, CSCuy07231, CSCuy07247, CSCuy07267, CSCuy07288, CSCuy07289, CSCuy07294, CSCuy07305, CSCuy07316, CSCuy07319, CSCuy07329, CSCuy07342, CSCuy07355, CSCuy07363, CSCuy07372, CSCuy07408, CSCuy07438, CSCuy07452, CSCuy07467, CSCuy07469, CSCuy07470, CSCuy07476, CSCuy07478, CSCuy07492, CSCuy07508, CSCuy07517, CSCuy07520, CSCuy07524, CSCuy16299, CSCuy16302
CVSS ScoreBase NA
Product Names From Source
Cisco Unity, Cisco Emergency Responder, Cisco Unified Contact Center, Cisco ONS 15454 System Software, Cisco Unity Express, Cisco Intrusion Prevention System (IPS), Cisco Unified Contact Center Enterprise, Cisco Unity Connection, Cisco TelePresence, Cisco Unified Contact Center Express, Cisco Mobility Services Engine, Cisco TelePresence Video Communication Server (VCS), Cisco Email Security Appliance (ESA), Cisco WebEx Meetings Server, Cisco Jabber for Windows, Cisco Unified IP Phone 8945, Cisco MediaSense, Cisco Unified Intelligence Center, Cisco Expressway, Cisco Prime Optical, Cisco Prime License Manager, Cisco Prime Collaboration Deployment, Cisco Telepresence Conductor, Cisco IP Phone 8800 Series Software, Cisco UCS B-Series Blade Server Software, Cisco Prime Collaboration Provisioning, Cisco Cloupia Unified Infrastructure Controller, Cisco Prime Performance Manager, Cisco Agent Desktop, Cisco Unified Attendant Console, Cisco AnyRes Live, Cisco Videoscape Control Suite, Cisco Nexus 3000 Series Switch, Cisco Registered Envelope Service, Cisco Secure Email, Intrusion Prevention System (IPS), UCS B-Series Blade Server Software

Related Products

Product CVE Evidence
UCS B-Series Blade Server Software CVE-2016-0701 Cisco OpenVuln
UCS B-Series Blade Server Software CVE-2015-3197 Cisco OpenVuln
Intrusion Prevention System (IPS) CVE-2016-0701 Cisco OpenVuln
Intrusion Prevention System (IPS) CVE-2015-3197 Cisco OpenVuln
Cisco Webex Meetings CVE-2016-0701 Cisco OpenVuln
Cisco Webex Meetings CVE-2015-3197 Cisco OpenVuln
Cisco WebEx Meetings Server CVE-2016-0701 Cisco OpenVuln
Cisco WebEx Meetings Server CVE-2015-3197 Cisco OpenVuln
Cisco Videoscape Control Suite CVE-2016-0701 Cisco OpenVuln
Cisco Videoscape Control Suite CVE-2015-3197 Cisco OpenVuln
Cisco Unity Express CVE-2016-0701 Cisco OpenVuln
Cisco Unity Express CVE-2015-3197 Cisco OpenVuln
Cisco Unity Connection CVE-2016-0701 Cisco OpenVuln
Cisco Unity Connection CVE-2015-3197 Cisco OpenVuln
Cisco Unity CVE-2016-0701 Cisco OpenVuln
Cisco Unity CVE-2015-3197 Cisco OpenVuln
Cisco Unified Intelligence Center CVE-2016-0701 Cisco OpenVuln
Cisco Unified Intelligence Center CVE-2015-3197 Cisco OpenVuln
Cisco Unified IP Phone 8945 CVE-2016-0701 Cisco OpenVuln
Cisco Unified IP Phone 8945 CVE-2015-3197 Cisco OpenVuln
Cisco Unified Contact Center Express CVE-2016-0701 Cisco OpenVuln
Cisco Unified Contact Center Express CVE-2015-3197 Cisco OpenVuln
Cisco Unified Contact Center Enterprise CVE-2016-0701 Cisco OpenVuln
Cisco Unified Contact Center Enterprise CVE-2015-3197 Cisco OpenVuln
Cisco Unified Contact Center CVE-2016-0701 Cisco OpenVuln
Cisco Unified Contact Center CVE-2015-3197 Cisco OpenVuln
Cisco Unified Attendant Console CVE-2016-0701 Cisco OpenVuln
Cisco Unified Attendant Console CVE-2015-3197 Cisco OpenVuln
Cisco UCS B-Series Blade Server Software CVE-2016-0701 Cisco OpenVuln
Cisco UCS B-Series Blade Server Software CVE-2015-3197 Cisco OpenVuln
Cisco Telepresence Conductor CVE-2016-0701 Cisco OpenVuln
Cisco Telepresence Conductor CVE-2015-3197 Cisco OpenVuln
Cisco TelePresence Video Communication Server (VCS) CVE-2016-0701 Cisco OpenVuln
Cisco TelePresence Video Communication Server (VCS) CVE-2015-3197 Cisco OpenVuln
Cisco TelePresence CVE-2016-0701 Cisco OpenVuln
Cisco TelePresence CVE-2015-3197 Cisco OpenVuln
Cisco Secure Email CVE-2016-0701 Cisco OpenVuln
Cisco Secure Email CVE-2015-3197 Cisco OpenVuln
Cisco Registered Envelope Service CVE-2016-0701 Cisco OpenVuln
Cisco Registered Envelope Service CVE-2015-3197 Cisco OpenVuln
Cisco Prime Performance Manager CVE-2016-0701 Cisco OpenVuln
Cisco Prime Performance Manager CVE-2015-3197 Cisco OpenVuln
Cisco Prime Optical CVE-2016-0701 Cisco OpenVuln
Cisco Prime Optical CVE-2015-3197 Cisco OpenVuln
Cisco Prime License Manager CVE-2016-0701 Cisco OpenVuln
Cisco Prime License Manager CVE-2015-3197 Cisco OpenVuln
Cisco Prime Collaboration Provisioning CVE-2016-0701 Cisco OpenVuln
Cisco Prime Collaboration Provisioning CVE-2015-3197 Cisco OpenVuln
Cisco Prime Collaboration Deployment CVE-2016-0701 Cisco OpenVuln
Cisco Prime Collaboration Deployment CVE-2015-3197 Cisco OpenVuln
Cisco Prime Collaboration CVE-2016-0701 Cisco OpenVuln
Cisco Prime Collaboration CVE-2015-3197 Cisco OpenVuln
Cisco ONS 15454 System Software CVE-2016-0701 Cisco OpenVuln
Cisco ONS 15454 System Software CVE-2015-3197 Cisco OpenVuln
Cisco Nexus 3000 Series Switch CVE-2016-0701 Cisco OpenVuln
Cisco Nexus 3000 Series Switch CVE-2015-3197 Cisco OpenVuln
Cisco Mobility Services Engine CVE-2016-0701 Cisco OpenVuln
Cisco Mobility Services Engine CVE-2015-3197 Cisco OpenVuln
Cisco MediaSense CVE-2016-0701 Cisco OpenVuln
Cisco MediaSense CVE-2015-3197 Cisco OpenVuln
Cisco Jabber for Windows CVE-2016-0701 Cisco OpenVuln
Cisco Jabber for Windows CVE-2015-3197 Cisco OpenVuln
Cisco Jabber CVE-2016-0701 Cisco OpenVuln
Cisco Jabber CVE-2015-3197 Cisco OpenVuln
Cisco Intrusion Prevention System (IPS) CVE-2016-0701 Cisco OpenVuln
Cisco Intrusion Prevention System (IPS) CVE-2015-3197 Cisco OpenVuln
Cisco IP phone CVE-2016-0701 Cisco OpenVuln
Cisco IP phone CVE-2015-3197 Cisco OpenVuln
Cisco IP Phone 8800 Series Software CVE-2016-0701 Cisco OpenVuln
Cisco IP Phone 8800 Series Software CVE-2015-3197 Cisco OpenVuln
Cisco Expressway CVE-2016-0701 Cisco OpenVuln
Cisco Expressway CVE-2015-3197 Cisco OpenVuln
Cisco Emergency Responder CVE-2016-0701 Cisco OpenVuln
Cisco Emergency Responder CVE-2015-3197 Cisco OpenVuln
Cisco Email Security Appliance (ESA) CVE-2016-0701 Cisco OpenVuln
Cisco Email Security Appliance (ESA) CVE-2015-3197 Cisco OpenVuln
Cisco Cloupia Unified Infrastructure Controller CVE-2016-0701 Cisco OpenVuln
Cisco Cloupia Unified Infrastructure Controller CVE-2015-3197 Cisco OpenVuln
Cisco AnyRes Live CVE-2016-0701 Cisco OpenVuln
Cisco AnyRes Live CVE-2015-3197 Cisco OpenVuln
Cisco Agent Desktop CVE-2016-0701 Cisco OpenVuln
Cisco Agent Desktop CVE-2015-3197 Cisco OpenVuln