| |
Bug Id: | CSCus76975 |
Title: | DCNM auto-config profile name containing _space_ causes switch to reload |
|
Description: | Symptom:
Reload on device when a profile with a space in the name is applied to the device via auto configuration.
Conditions:
Profile created in DCNM for auto-config has a space in it.
Workaround:
Make sure that the profile name does not contain a space. Pre-packaged profiles do not have this issue, custom-generated profiles should adhere this naming convention.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 18-MAY-2015 |
|
Known Affected Releases: | 7.1(1) |
|
Known Fixed Releases: | 6.2(13)FM(0.54), 6.2(13)GS(0.15), 6.2(13.1)S0, 7.1(1.46)S0, 7.1(1.62)S0, 7.3(0)FM(0.4) |
|
|
| |
| |
Bug Id: | CSCuu33384 |
Title: | DCNM server unresponsive, appmgr, VM restart do not fix. |
|
Description: | Symptom:
DCNM Server unresponsive
Conditions:
Install Virtual Appliance or DCNM server
Use for some time
Browse to DCNM server
DCNM server is unresponsive or disconnects the HTTPS/HTTP connection.
appmgr restart does not solve issue.
Workaround:
none
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 22-MAY-2015 |
|
Known Affected Releases: | 7.1(2) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu15585 |
Title: | DCNM (106) xmpp failed to add device in case of using selective-HA |
|
Description: | Symptom:
while user adding XMPP group, user is encountering error message - "Unable to login to XMPP with the given credentials".
Conditions:
1) This case should be applicable only for DCNM OVA and ISO versions - 7.1.2(dcnm-va.7.1.2.ova and dcnm-va.7.1.2.iso).
2) After making the setup as selective ha hot/spare active, user could not able add XMPP group.
Workaround:
you can execute this below command in selective ha hot/spare active setup command prompt before you add xmpp user and group.
sed -i "s/^XMPP_VIP_HOSTNAME=.*/XMPP_VIP_HOSTNAME=`hostname`/g" /root/.DO_NOT_DELETE
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 22-MAY-2015 |
|
Known Affected Releases: | 7.1(1.106) |
|
Known Fixed Releases: | 7.2(0.49)S0 |
|
|
| |
| |
Bug Id: | CSCut77407 |
Title: | APRIL 2015 NTPd Vulnerabilities |
|
Description: | Symptoms:
This product has been investigated to determine the applicability of the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-1798 and CVE-2015-1799
Cisco has analyzed this vulnerability and concluded that the previously listed products are not impacted.
Conditions:
Not applicable
Workaround:
Not applicable
Further Problem Description:
Additional details about those vulnerabilities can be found at http://cve.mitre.org/cve/cve.html
PSIRT Evaluation:
The Cisco PSIRT has evaluated those issues and they do not meet the criteria for PSIRT ownership or involvement. Those issues will be addressed via normal resolution channels.
If you believe that there is new information that would cause a change in the severity of those issues, please contact psirt@cisco.com for another evaluation.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 23-MAY-2015 |
|
Known Affected Releases: | 7.1(1) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCup22646 |
Title: | Multiple Vulnerabilities in OpenSSL - June 2014 |
|
Description: | Symptom:
The following Cisco products
Cisco Prime Data Center Network Manager 7.0.1
Cisco Prime Data Center Network Manager 7.0.2
include a version of openssl that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2010-5298 - SSL_MODE_RELEASE_BUFFERS session injection or denial of service
CVE-2014-0076 - Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
CVE-2014-0198 - SSL_MODE_RELEASE_BUFFERS NULL pointer dereference
This bug has been opened to address the potential impact on this product.
Conditions:
Devices with default configuration.
Workaround:
Not available.
Further Problem Description:
Cisco Data Center Network Manager 7.0.1 - Affected
Cisco Data Center Network Manager 7.0.2 - Affected
Cisco Data Center Network Manager 6.x, 5.x - Not Affected
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 7.1/6.8:
https://intellishield.cisco.com/security/alertmanager/cvss?target=new&version=2.0&vector=AV:N/AC:M/Au:N/C:N/I:N/A:C/E:F/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 7.0(2)S3 |
|
Known Fixed Releases: | 7.1(0.24)S0 |
|
|
| |
| |
Bug Id: | CSCur07367 |
Title: | Cisco Prime Data Center Network Manager CVE-2014-6271 and CVE-2014-7169 |
|
Description: | Symptom:
The following Cisco product Cisco Prime Data Center Network Manager includes a version of bash that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-6271
CVE-2014-7169
This bug has been opened to address the potential impact on this product.
Affected versions : DCNM 7.0(1) OVA installation and DCNM 7.0(2) OVA installation.
DCNM 6.x releases are not vulnerable and are not impacted.
Conditions:
Can be exploited by user who is authorized to login via ssh or vCenter console, and the authorized login opens a default bash shell.
Workaround:
Execute :
> yum update bash
This will update the bash shell and fix the violation.
Further Problem Description:
The Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation
are 7.5/7.5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained
from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not
reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be
found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 7.0(1), 7.0(2), 7.1(0)ZN(91.98), 7.1(0)ZN(91.99), 7.1(0.133), 7.2(0.1)PR(0.1), 7.2(0.1)VB(0.1) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCur07355 |
Title: | Cisco Prime Data Center Network Manager CVE-2014-6271 and CVE-2014-7169 |
|
Description: | Symptom:
The following Cisco product Cisco Prime Data Center Network Manager includes a version of bash that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-6271
CVE-2014-7169
This bug has been opened to address the potential impact on this product.
Conditions:
Devices with default configuration.
Workaround:
None.
Further Problem Description:
The Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation
are 7.5/7.5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained
from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not
reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be
found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Other |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 7.2(0.1)PR(0.1), 7.2(0.1)VB(0.1) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCus69452 |
Title: | Assess GHOST vulnerability for DCNM (CVE-2015-0235) |
|
Description: | Symptom:
On January 27, 2015, a buffer overflow vulnerability in the GNU C library (glibc) was publicly announced. This vulnerability is related to the various gethostbyname functions included in glibc and affect applications that call these functions. This vulnerability may allow an attacker to obtain sensitive information from an exploited system or, in some instances, perform remote code execution with the privileges of the application being exploited. This vulnerability is documented in CVE-2015-0235.
A Cisco Security Advisory has been published to document this vulnerability at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost
This bug has been opened to address the potential impact on this product.
Conditions:
Any of the below of DCNM installer is used
dcnm-va.7.0.1.ova
dcnm-va.7.0.2.ova
dcnm-va.7.1.1.ova
dcnm-va.7.1.1.iso
Workaround:
Not available.
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are: 10/7.8
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C/CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 6.3(2), 7.0(2), 7.1(1) |
|
Known Fixed Releases: | 7.1(1.52)S0 |
|
|
| |
| |
Bug Id: | CSCur07372 |
Title: | Cisco Prime Data Center Network Manager CVE-2014-6271 and CVE-2014-7169 |
|
Description: | Symptom:
The following Cisco product Cisco Prime Data Center Network Manager includes a version of bash that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-6271
CVE-2014-7169
This bug has been opened to address the potential impact on this product.
Conditions:
Devices with default configuration.
Workaround:
None.
Further Problem Description:
The Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation
are 7.5/7.5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained
from multiple sources. This includes the CVSS score assigned by the
third-party vendor when available. The CVSS score assigned may not
reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be
found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Other |
|
Severity: | 2 Severe |
Last Modified: | 24-MAY-2015 |
|
Known Affected Releases: | 7.1(0)ZN(91.98), 7.1(0)ZN(91.99) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCtq14131 |
Title: | DCNM Server: Updates for Jboss Application |
|
Description: | Symptoms:
The Jboss application server comes with a vulnerable bean shell component of the jmx-console which perform access control only for GET and POST
methods.
Conditions:
none
Workaround:
none
Further Problem Description:
The vulnerability is further described in CVE-2010-0738
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 5/4.5:
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:P/I:N/A:N/E:F/RL:W/RC:C
CVE ID CVE-2010-0738 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 26-MAY-2015 |
|
Known Affected Releases: | 5.1(1), 5.1(2), 5.1(3), 5.2(1) |
|
Known Fixed Releases: | 5.2(1)S25, 5.2(1)S32, 5.2(1)S44, 5.2(1.30)S0, 5.2(1.37)S0, 5.2(1.48)S0 |
|
|
| |
| |
Bug Id: | CSCut78596 |
Title: | upgraded dcnm from 7-0-2 to 7-1-1-103 -not able to https as before upgd |
|
Description: | Symptom:
When moving from Older OVA version to latest version. Latest version is configured by default to HTTP irrespective of whether the previous setup was HTTP/HTTPs.
Conditions:
When Upgrading an older OVA(HTTPs mode) to latest version.
Latest Version will be by default in HTTP mode.
Workaround:
User has to enable HTTPS using "appmgr update dcnm -h true".
It works in HTTPs with default self signed certificate.If User have added some CA signed certs ,he needs to configure it on the machine again.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 27-MAY-2015 |
|
Known Affected Releases: | 7.1(1.103), 7.2(0.49) |
|
Known Fixed Releases: | 7.2(0.53)S0 |
|
|
| |
| |
Bug Id: | CSCut45879 |
Title: | MARCH 2015 OpenSSL Vulnerabilities |
|
Description: | Symptom:
This product includes a version of OpenSSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288
This bug has been opened to address the potential impact on this product.
Conditions:
When DCNM is deployed as a virtual appliance using OVA or ISO. This is not applicable for Windows and Linux installers of DCNM.
Workaround:
Update the openssl with the latest version which has all the fixes.
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the
time of evaluation are: 7.1/6.9
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:H/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 29-MAY-2015 |
|
Known Affected Releases: | 7.1(1) |
|
Known Fixed Releases: | 7.1(1.112)S0, 7.1(2.7)S0 |
|
|
| |
没有评论:
发表评论