| |
Bug Id: | CSCut45919 |
Title: | MARCH 2015 OpenSSL Vulnerabilities |
|
Description: | Symptom:
This product includes a version of OpenSSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288
This bug has been opened to address the potential impact on this product.
The product is affected by the following vulnerabilities:
CVE-2015-0204, CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288
Conditions:
Exposure is not configuration dependent.
Workaround:
Not available.
Further Problem Description:
No fix is planned for this product.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the
time of evaluation are: 7.1/6.9
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:H/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 01-JUN-2015 |
|
Known Affected Releases: | 10.0, 10.3(0.0.192), 9.6(3), 9.8 |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCua80676 |
Title: | server-side exception when 100G TERMINAL loopback is provisioned |
|
Description: | Symptom:
gateway/CORBA server-side exception when 100G TERMINAL loopback is provisioned
Conditions:
When Gateway/CORBA user try to operate TERMINAL loopback on TITANO trunk port, with card mode 100G-TXP, a server-side exception rise and TNC reset. This problem happens with NE sw ver. 9.6.0.
Workaround:
None.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 03-JUN-2015 |
|
Known Affected Releases: | 9.5(1), 9.6(0.93), 9.6(3.1), 9.8(0.0.5) |
|
Known Fixed Releases: | 9.6(3), 9.8(0.0.238) |
|
|
| |
| |
Bug Id: | CSCug74496 |
Title: | GMPLS circuit provisioning from 100G_LC to PLIM CRS card fails |
|
Description: | Symptom:
GMPLS circuit provisioning from 100G_LC to PLIM CRS card fails
Conditions:
GMPLS circuit provisioning from 100G_LC to PLIM CRS card fails (configuration buffer is empty)
Prime Optical 9.6.3 build 363
Workaround:
Install the latest patch
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Last Modified: | 03-JUN-2015 |
|
Known Affected Releases: | 9.6(3.373) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCun73249 |
Title: | Oracle Statistic run only during weekend on dual server setup |
|
Description: | Symptom:
Opening tables could be slow, for example:L2 topology table, Alarm log table, alarm browser table, Circuit report,etc..
Conditions:
Prime Optical installed on dual server setup
Workaround:
1. Copy /$CTMSHOME/bin/sched_for_stats_job.sh script from Prime Optical server on Prime Optical db machine under /$CTMSHOME/bin
2. Launch the following command ./sched_for_stats_job.sh init
Further Problem Description:
|
|
Status: | Terminated |
|
Severity: | 2 Severe |
Last Modified: | 04-JUN-2015 |
|
Known Affected Releases: | 9.6(3.403) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut82649 |
Title: | CPO does not recover connectivity to CRS due to blocked health poll |
|
Description: | Symptom:
CRS node is not able to recover connectivity.
Conditions:
CPO managing CRS nodes.
Workaround:
Restart the NE-Service in CPO
Further Problem Description:
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 11-JUN-2015 |
|
Known Affected Releases: | 10.2(0.0.1) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCur54796 |
Title: | Cisco Prime Optical - evaluation of SSLv3 POODLE vulnerability |
|
Description: | Symptom:
Cisco Prime Optical includes a version of SSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-3566
This bug has been opened to address the potential impact on this product.
Conditions:
Exposure is not configuration dependent.
Workaround:
Disable SSLv3 in Apache configuration.
Further Problem Description:
OpenSSL will be upgraded to 0.9.8zc in :
Cisco Prime Optical 10.3 (March/April 2015)
Cisco Prime Optical 10.0.2 (November/December 2014)
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the
time of evaluation are: 2.6/2.5
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:H/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 13-JUN-2015 |
|
Known Affected Releases: | 10.0, 10.0(2), 10.3(0.0.1), 9.2, 9.3, 9.4(0.153), 9.5, 9.6, 9.6(3), 9.8 |
|
Known Fixed Releases: | 10.3(0.0.192) |
|
|
| |
| |
Bug Id: | CSCus42879 |
Title: | JANUARY 2015 OpenSSL Vulnerabilities |
|
Description: | Symptom:
This product includes a version of OpenSSL that is affected by the
vulnerability identified by the Common Vulnerability and Exposures (CVE)
IDs:
CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275,
CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
This bug has been opened to address the potential impact on this product.
Conditions:
This device has a vulnerable version of OpenSSL, this bug is being used to
update the OpenSSL package used on the product.
Workaround:
None.
More Info:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score.
The Base and Temporal CVSS scores as of the time of evaluation are: 5.0/3.7
http://tools.cisco.com/security/center/cvssCalculator.x?version=2.0&vector=AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C
The Cisco PSIRT has assigned this score based on information obtained from
multiple sources. This includes the CVSS score assigned by the third-party
vendor when available. The CVSS score assigned may not reflect the actual
impact on the Cisco Product.
Additional information on Ciscos security vulnerability policy can be
found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 17-JUN-2015 |
|
Known Affected Releases: | 10.0(0.0.309), 10.0(2), 10.0(2.1), 10.3(0.0.1), 9.6(3.403), 9.8(0.4) |
|
Known Fixed Releases: | 10.3(0.0.192) |
|
|
| |
| |
Bug Id: | CSCus31428 |
Title: | Oct 2014 OpenSSL Vulnerabilities |
|
Description: | Symptom:
This product includes a version of OpenSSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-3513, CVE-2014-3567, CVE-2014-3568
This bug has been opened to address the potential impact on this product.
The fix to this bug will be provided with a product patch, to change the version of the vulnerable library.
Conditions:
Exposure is not configuration dependent.
Workaround:
Not available.
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the
time of evaluation are: 7.1/6.9
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:H/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 17-JUN-2015 |
|
Known Affected Releases: | 10.0, 9.6(3), 9.8 |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu14373 |
Title: | .aud files filling up inodes for /oracle partition on HA systems |
|
Description: | Symptom:
Oracle database crashes and is unable to startup.
Conditions:
CPO running in HA GEO redundancy.
Workaround:
Delete all .aud files under /oracle/admin/optdb/audit and restart oracle.
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 23-JUN-2015 |
|
Known Affected Releases: | 10.0(0.0.309), 10.2(0.0.1), 10.3(0.1), 10.5(0) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCup22035 |
Title: | Multiple Vulnerabilities in OpenSSL - June 2014 |
|
Description: | Symptom:
The following Cisco products
Cisco Prime Optical 10.0
Cisco Prime Optical 9.8
Cisco Prime Optical 9.6.3
include a version of openssl that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2014-0076 - Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
This bug has been opened to address the potential impact on this product.
Conditions:
The Apache web server in bundle with Cisco Prime Optical is affected by the vulnerability.
Workaround:
Not Applicable.
Further Problem Description:
Not Applicable.
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are 1.9/1.7:
https://intellishield.cisco.com/security/alertmanager/cvss?target=new&version=2.0&vector=AV:L/AC:M/Au:N/C:P/I:N/A:N/E:F/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 24-JUN-2015 |
|
Known Affected Releases: | 10.0, 10.0(2.0.52), 9.6(3), 9.8 |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCut82594 |
Title: | Alarm summary and alarm icon color incorrect for Fan Tray units |
|
Description: | Symptom:
On the M6 shelf, the alarm summary tooltip and the alarm icon are not reflecting the current status of the Fan Tray unit.
When the Fan Tray raises the alarm, the following conditions occurs:
- The alarm icon on the Fan Tray image remains green instead of turning red
- The alarm summary tooltip reports the failure status of the board but the alarm count is all zero.
[FAN_TRAY Failed (0 Critical,0 Major, 0 Minor,0 Warning Alarm(s))]
Please, check the attached screenshot for reference.
Expected behavior : Alarm icon and alarm summary tooltip should reflect the correct status of the card.
Conditions:
Workaround:
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 2 Severe |
Last Modified: | 25-JUN-2015 |
|
Known Affected Releases: | 10.3(0.0.192), 10.5(0.0.7) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuu82386 |
Title: | Evaluation of ctm for OpenSSL June 2015 |
|
Description: | Symptom:
This product includes a version of OpenSSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176
This bug has been opened to address the potential impact on this product.
Conditions:
All
Workaround:
No workaround available. The issue will be fixed in next CPO patch.
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the
time of evaluation are: 7.8/6.4
https://intellishield.cisco.com/security/alertmanager/cvssCalculator.do?dispatch=1&version=2&vector=AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Status: | Open |
|
Severity: | 2 Severe |
Last Modified: | 25-JUN-2015 |
|
Known Affected Releases: | 10.3(0.0.96), 10.5(0.0.68) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCud48153 |
Title: | Svlan protected cannot be created |
|
Description: | Symptom:
The user is unable to create SVLAN protection using the Create SVLAN wizard.
Conditions:
Prime Optical is connected to Network Elements running ONS 9.2 software version.
Workaround:
The SVLAN protection should be created manually on each Network Element involved in the ring, using the SVLAN and the QinQ tabs.
Further Problem Description:
|
|
Status: | Terminated |
|
Severity: | 2 Severe |
Last Modified: | 30-JUN-2015 |
|
Known Affected Releases: | 9.5(0.255.3), 9.6(3.1), 9.8(0.0.1) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCuc19526 |
Title: | Cannot provision protected LO VCAT circuits |
|
Description: | Symptom:
Cannot provision protected LO VCAT circuits with split routing option enabled. The circuit wizard prompts an error: "EID 1038: Failed to set LO Options".
Conditions:
the issue happens when creating LO VCAT circuits with split routing option enabled on ONS 15310 CL and ONS 15600 in 9.0 sw release
Workaround:
none
Further Problem Description:
|
|
Status: | Terminated |
|
Severity: | 2 Severe |
Last Modified: | 30-JUN-2015 |
|
Known Affected Releases: | 9.5, 9.6(0.128), 9.6(3.1), 9.8(0.0.1) |
|
Known Fixed Releases: | |
|
|
| |
| |
Bug Id: | CSCug81739 |
Title: | GMPLS OCHTRAIL Circuit PLIM to TXP stuck in deleting state |
|
Description: | Symptom:
GMPLS OCHTRAIL circuit remains stuck in deleting state after deletion.
Conditions:
Circuit from CRS PLIM to 100G_LC card OCHTRAIL GMPLS
Delete the circuit selecting that ports should go to Locked, disabled state.
Workaround:
None
Further Problem Description:
|
|
Status: | Fixed |
|
Severity: | 1 Catastrophic |
Last Modified: | 30-JUN-2015 |
|
Known Affected Releases: | 10.0(0.1), 10.0(2.1), 9.6(3.373.7), 9.8(0.0.1) |
|
Known Fixed Releases: | 9.8(0) |
|
|
| |
| |
Bug Id: | CSCua67676 |
Title: | RAD E3/E1 Historical PM are not collected from CPT platform |
|
Description: | Symptom:
the E3/E1 and DS3/DS1 Historical PM are not collected from CPT platform
Conditions:
the issue happens managing 9.5.1x and 9.5.2x CPT devices
Workaround:
none
Further Problem Description:
|
|
Status: | Terminated |
|
Severity: | 2 Severe |
Last Modified: | 30-JUN-2015 |
|
Known Affected Releases: | 9.5(0.245), 9.8(0.0.198) |
|
Known Fixed Releases: | |
|
|
| |
2013 Cisco and/or its affiliates. All rights reserved. 
没有评论:
发表评论