Cisco Notification Alert -Cisco Optical - Prime Optical-01-Jan-2016 18:18 GMT

Feedback Sign Up Unsubscribe         Known Bugs - Prime Optical Alert Type: Updated * Bug Id: CSCux41342 Title: Evaluation of ctm for OpenSSL December 2015 vulnerabilities Status: Fixed Severity: 3 Moderate Description: * Symptom: Cisco Prime Optical for SPs includes a version of OpenSSL that is affected by the vulnerability identified by one or more of the following Common Vulnerability and Exposures (CVE) IDs: CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196 and CVE-2015-1794 And disclosed in http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-openssl This bug has been opened to address the potential impact on this product. Conditions: Exposure is not configuration dependent. Cisco has reviewed and concluded that this product is affected by one or more of these vulnerabilities. Cisco Prime Optical for SPs is affected by: CVE-2015-3193 and CVE-2015-1794 Cisco Prime Optical for SPs is not affected by: CVE-2015-3194, CVE-2015-3195 and CVE-2015-3196 Workaround: Not available. Further Problem Description: Additional details about those vulnerabilities can be found at http://cve.mitre.org/cve/cve.html PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are: 4.3/3.4 http://tools.cisco.com/security/center/cvssCalculator.x?version=2&vector=AV:N/AC:M/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html Last Modified: 22-DEC-2015 Known Affected Releases: 10.0(0.1), 10.0(2.1), 10.3(0.5), 10.5(0), 10.5(2), 9.8(0.2) Known Fixed Releases: Alert Type: Updated * Bug Id: CSCuu19981 Title: Error returned opening Alarm Browser with active alarms acknowledged Status: Fixed Severity: 3 Moderate Description: * Symptom: Opening the Alarm Browser an error message is prompted and the table appears empty/blank. Error message is similar to: "unable to find com.cisco.nm.ctm.dbmodel.fault.acknowledgeinfoinentety with ID300". Conditions: Alarms being acknowledged, either manually or automatically. Issue happens when FM data pruning occurs. Workaround: Install Prime Optical patch 10.3.0.2. Further Problem Description: None. Last Modified: 08-DEC-2015 Known Affected Releases: 10.3(0.1), 10.5(0.0.1) Known Fixed Releases: Find additional information in Bug Search index.   2015 Cisco and/or its affiliates. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks