| |
|
Alert Type: | Updated * |
Bug Id: | CSCux34943 | Title: | Evaluation of dcnm-server for Java_December_2015 |
|
Status: | Fixed |
|
Severity: | 2 Severe |
Description: | Symptom:
Cisco Prime Data Center Network Manager (DCNM) includes a version of Commons Collections library that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:
CVE-2015-6420
This product is affected by the listed CVE id.
Conditions:
Exposure is not configuration dependent.
Workaround:
Not available.
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base and Temporal CVSS scores as of the time of evaluation are: 7.5/7.1
http://tools.cisco.com/security/center/cvssCalculator.x?version=2&vector=AV:N/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:U/RC:C
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Last Modified: | 04-MAY-2016 |
|
Known Affected Releases: | 6.3(1), 6.3(2), 7.1(1), 7.1(2), 7.2(1), 7.2(2) |
|
Known Fixed Releases: * | 7.0(0)BZ(0.108), 7.2(2.80)S0, 7.3(0)D1(1), 7.3(0)DG(0.3), 7.3(0)DX(0.93), 7.3(0)TSH(0.99), 7.3(0)ZD(0.236), 7.3(1)D1(0.2), 7.3(1)PDB(0.19), 7.3(1)PIB(0.24) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuz52387 | Title: | Evaluation of dcnm-server for OpenSSL May 2016 |
|
Status: | Open |
|
Severity: | 2 Severe |
Description: * | Symptom:
This product includes a version of OpenSSL that is affected by the vulnerability identified by one or more of the following Common Vulnerability and Exposures (CVE) IDs:
CVE-2016-2108 CVE-2016-2107 CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176
And disclosed in https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl
This bug has been opened to address the potential impact on this product.
Cisco has analyzed the vulnerabilities and concluded that this product may be affected by the following vulnerabilities:
Memory corruption in the ASN.1 encoder CVE-2016-2108
Padding oracle in AES-NI CBC MAC check CVE-2016-2107
EVP_EncodeUpdate overflow CVE-2016-2105
EVP_EncryptUpdate overflow CVE-2016-2106
ASN.1 BIO excessive memory allocation CVE-2016-2109
This product is not affected by the following vulnerability:
EBCDIC overread CVE-2016-2176
Conditions:
Exposure is not configuration dependent.
Workaround:
None
Further Problem Description:
PSIRT Evaluation:
The Cisco PSIRT has assigned this bug the following CVSS version 2 score. The Base CVSS score as of the time of evaluation is: 5.1
https://tools.cisco.com/security/center/cvssCalculator.x?version=2&vector=AV:N/AC:H/Au:N/C:P/I:P/A:P/E:ND/RL:ND/RC:ND
The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product.
The score reflects the maximum score for all the vulnerabilities mentioned in this bug information
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
|
|
Last Modified: | 30-MAY-2016 |
|
Known Affected Releases: | 7.2(3) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuz49581 | Title: | MSM: RBAC not supported for Def_SAN scope in MSM |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
In Mulit-Site-Manager, the health of the Default SAN fabric will always be shown in donut chart if the Default SAN fabric is not empty; no matter whether the remote user has access to it.
Conditions:
Adding a remote site to Multi-Site-Manager with the remote user who doesn't not have access on Default_San.
Workaround:
There is no need of workaround because it just shows extra information of the health of the Default SAN fabric. It doesn't disclose any detail about what kind of devices and further access to those devices.
Further Problem Description:
|
|
Last Modified: | 04-MAY-2016 |
|
Known Affected Releases: | 10.0(1)S4 |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuz45415 | Title: | ova upgrade:"error: cannot contact server" on localtime for standby dcnm |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
In a federation setup with two DCNM appliances (say, A and B) using an external Oracle DB, the Admin -> Federation page on "A" shows the below error indicating that it is not able to reach "B".
"error: cannot contact server" on localtime for standby dcnm
But the Administration -> DCNM Server -> Federation page on "B" shows a healthy status for both nodes.
Also, when users logged into the DCNM UI of "A" will not be able to discover devices to be managed by "B" in the Inventory -> Switches -> LAN Switches (because B is not reachable from A).
Conditions:
This has been noticed only in some upgraded setups using DCNM appliances (OVA or ISO form factor) when the hypervisor's time is not in sync with an NTP server. This results in an incorrect time on the peers and causes one of the peers to not reach the other.
Workaround:
The below workaround is given assuming A and B are the two nodes in Federation and A is not able to reach B. (ie., we see the error on A's UI that B is not reachable). In that case, execute the below steps to mitigate this problem.
1. Login to the SSH terminal of B and execute the following command:
A-terminal# ntpdate -b -u
2. Login to the SSH terminal of A and execute the following command:
B-terminal# appmgr restart dcnm
Further Problem Description:
|
|
Last Modified: | 04-MAY-2016 |
|
Known Affected Releases: | 7.3(0.360) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuz35483 | Title: | UI grayed out after adding a network without any Org or Parts |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
UI grayed out after adding a network without any Organization or Partition. Session hangs.
Conditions:
UI grayed out after adding a network without any Organization or Partition.
Workaround:
Hit 'Escape' key on the keyboard.
Further Problem Description:
|
|
Last Modified: | 27-MAY-2016 |
|
Known Affected Releases: | 7.3(0.350) |
|
Known Fixed Releases: * | 10.0(1.10)S0, 10.0(1.16)S0 |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuz60513 | Title: | Fuji4: Import template does not set POAP and Publish option |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
POAP and Published checkbox will always be unchecked for imported templates.
Conditions:
Import a POAP template,POAP and Published checkbox will be unchecked
Workaround:
Manually check the POAP and Published checkbox,after importing a template.
Further Problem Description:
|
|
Last Modified: | 23-MAY-2016 |
|
Known Affected Releases: | 10.0(1)S10 |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuz76124 | Title: | DCNM-10.0:delete the template from GUI does not remove it in file system |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | Symptom:
Templates are not removed from the filesystem.When we restart the service deleted templates are shown in the UI.
Conditions:
If we select a template from UI and delete it,Corresponding template is not removed from the filesystem.
Workaround:
Delete the template both from UI and local file system(Cisco Systems\dcm\dcnm\data\templates).
Further Problem Description:
NA
|
|
Last Modified: | 23-MAY-2016 |
|
Known Affected Releases: | 10.0(1) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuu08025 | Title: | Need DB password in encrypted for some files |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
Need DB password in encrypted for some files
Conditions:
normal
Workaround:
unknown
Further Problem Description:
|
|
Last Modified: | 11-MAY-2016 |
|
Known Affected Releases: | 6.3(2), 7.0(1), 7.1(2) |
|
Known Fixed Releases: * | 7.0(0)BZ(0.108), 7.2(2.61)S0, 7.2(2.62)S0, 7.2(2.76)S0, 7.3(0)D1(0.179), 7.3(0)DG(0.3), 7.3(0)DX(0.93), 7.3(0)RSP(0.7), 7.3(0)SC(0.14), 7.3(0)TSH(0.99) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuz46501 | Title: | Support for border-leaf and border-spine in Fabric Plan Provisioning |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | In Fabric Plan Provisioning, we have border leaf to be added. Currently in FUJI4 customers are supposed to be using only leaf and spine roles.
Symptom:
if border leaf template is used, there are unexpected issues at the final POAP definitions generation. Very hard to fix.
Conditions:
if border leaf template is used in fabric plan.
Workaround:
Create POAP definition from Configure / Deploy / POAP / POAP Definitions screen.
Further Problem Description:
|
|
Last Modified: | 10-MAY-2016 |
|
Known Affected Releases: | 7.3(0.362) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCuz48783 | Title: | Top-Down: Populate Vlan operation picking from incorrect vlan pool |
|
Status: | Open |
|
Severity: | 3 Moderate |
Description: | The Vlan Pool management is not Fabric Aware. The Vlan pools defined for Core/System dynamic VLANs defined in the Fabric settings are not recognized in this release. The Vlan pools are always read in from the Default LAN settings. Additionally, the VLAN settings are always read in during DCNM startup and applied to switches that use Vlan Range/Pool management in Top-Down deployments.
Updates to this Vlan Range are disruptive and not supported in the current DCNM release v10.
Please always update the Vlan Range and restart DCNM for the changes to take effect, ahead of making any Top-Down deployments and pool assignments via Top-Down deployments.
Symptom:
Core/System Dynamic Vlan Range is updated in Fabric settings or in LAN General Settings, but new Vlan range is not seen when requesting a vlan in top-down deployment.
Conditions:
Vlan range is changed after the DCNM is restarted.
Workaround:
Always make updates to Vlan Range ahead of any DCNM Top-Down deployment triggers.
Restart DCNM after Vlan Range updates.
If Vlan Range needs to be updated after any Top-Down deployments are triggered, the DCNM job instances will be required to be cleaned/lost.
Further Problem Description:
This is the behavior in the current release of the product. The Vlan range will be made Fabric aware and more dynamic to range updates in upcoming releases.
|
|
Last Modified: | 09-MAY-2016 |
|
Known Affected Releases: | 10.0(1)S3 |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCus33163 | Title: | DCNM dashboard summary: fex names truncated |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
The topology view from the Dashboard/Summary tab truncates the FEX name.
Conditions:
When a switch with fex hosts are discovered and viewed in topology screen.
Workaround:
Please view the fex names in Module view of switch dashboard or under Inventory module screen.
Further Problem Description:
|
|
Last Modified: | 05-MAY-2016 |
|
Known Affected Releases: | 7.1(1) |
|
Known Fixed Releases: | 6.2(11.4)S0, 6.2(13)FM(0.33), 6.2(13)GS(0.13), 7.0(0)BZ(0.98), 7.1(1.33)S0, 7.2(0)FM(0.2), 7.3(0)D1(0.71), 7.3(0)DHB(0.31), 7.3(0)DX(0.16), 7.3(0)EG(0.3) |
|
|
| |
| |
|
Alert Type: | New |
Bug Id: | CSCus33171 | Title: | DCNM dashboard summary: save button sometimes missing in topology view |
|
Status: | Fixed |
|
Severity: | 3 Moderate |
Description: | Symptom:
The topology view from the Dashboard/Summary tab does not always show the "Save" button.
Conditions:
Intermittent when topology screen is viewed.
Workaround:
Close and re-open the browser window might make the "Save"button reappear back.
Further Problem Description:
|
|
Last Modified: | 05-MAY-2016 |
|
Known Affected Releases: | 7.1(1) |
|
Known Fixed Releases: | 6.2(13)FM(0.54), 6.2(13)GS(0.15), 6.2(13.1)S0, 7.0(0)BZ(0.98), 7.1(1.47)S0, 7.3(0)D1(0.71), 7.3(0)DHB(0.31), 7.3(0)DX(0.16), 7.3(0)EG(0.3), 7.3(0)FM(0.4) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux87084 | Title: | DCNM tmz changes for Profile gmt to local |
|
Status: | Fixed |
|
Severity: | 4 Minor |
Description: | Symptom:
Customer had requested that DCNM server time seen as local, be in sync with tmz seen in webUI, where GMT was used. Customer preferred that they match and use local tmz.
Conditions:
This was a DCNM 7.2(1) Unified OVA install.
Workaround:
Not applicable.
Further Problem Description:
|
|
Last Modified: | 11-MAY-2016 |
|
Known Affected Releases: | 7.2(1), 7.2(2a) |
|
Known Fixed Releases: * | 7.0(0)BZ(0.108), 7.2(2.101)S0, 7.3(0)D1(1), 7.3(0)DG(0.3), 7.3(0)DX(0.93), 7.3(0)TSH(0.99), 7.3(0)UCI(0.30), 7.3(1)D1(0.5), 7.3(1)PDB(0.19), 7.3(1)PIB(0.24) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux20977 | Title: | DCNM POAP - Saved settings dropdown too small and names are not sorted |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
The POAP Settings name is shown in a small drop down and is not sorted alphabetically and hence maybe hard ot locate the right settings file in the poap drop down box.
Conditions:
Workaround:
None. User has to mouse over each of the truncated names and parse through entire list to find the appropriate settings file.
Further Problem Description:
|
|
Last Modified: | 07-MAY-2016 |
|
Known Affected Releases: | 7.2(1) |
|
Known Fixed Releases: * | 7.0(0)BZ(0.108), 7.2(2.54)S0, 7.3(0)D1(0.179), 7.3(0)DG(0.3), 7.3(0)DX(0.93), 7.3(0)RSP(0.7), 7.3(0)SC(0.14), 7.3(0)TSH(0.99), 7.3(0)UCI(0.30), 7.3(0)ZD(0.196) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCux05562 | Title: | Add option to clear networks from switch when deleting them from DCNM |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
When deleting a network from DCNM we should automatically go in and delete the network from all switches
Conditions:
none
Workaround:
Delete network from DCNM and manually issue "clear fabric database host" on the switches
Further Problem Description:
|
|
Last Modified: | 07-MAY-2016 |
|
Known Affected Releases: | 7.2(2) |
|
Known Fixed Releases: * | 7.0(0)BZ(0.108), 7.2(2.74)S0, 7.3(0)D1(1), 7.3(0)DG(0.3), 7.3(0)DX(0.93), 7.3(0)TSH(0.99), 7.3(0)UCI(0.30), 7.3(0)ZD(0.236), 7.3(1)D1(0.2), 7.3(1)PDB(0.19) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuv49839 | Title: | Partition ID should be configurable |
|
Status: | Fixed |
|
Severity: | 6 Enhancement |
Description: | Symptom:
Partition ID should be configurable and go along with the VRF/VLAN/L3VNI pool requirement
Conditions:
new install with default values
Workaround:
none
Further Problem Description:
|
|
Last Modified: | 11-MAY-2016 |
|
Known Affected Releases: | 7.2(1) |
|
Known Fixed Releases: * | 7.0(0)BZ(0.98), 7.2(2.14)S0, 7.2(2.38)S0, 7.2(2.40)S0, 7.2(2.52)S0, 7.3(0)D1(0.140), 7.3(0)D1(0.156), 7.3(0)D1(0.179), 7.3(0)DG(0.3), 7.3(0)DX(0.25) |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCup08388 | Title: | Allow DCNM Prime to run as non-privileged root/administrator user |
|
Status: * | Terminated |
|
Severity: | 6 Enhancement |
Description: | Symptom:
DCNM for Linux is supported when running as root. There is no support or procedures to run as non-root user.
Conditions:
Workaround:
None
Further Problem Description:
|
|
Last Modified: | 05-MAY-2016 |
|
Known Affected Releases: | 6.3(1) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCup62093 | Title: | Cisco Prime DCNM - Topology view incorrect on large fabrics |
|
Status: * | Terminated |
|
Severity: | 6 Enhancement |
Description: * | Symptom:
In the topology view, the fabric shows up as a straight line of switches in the view.
Conditions:
Straight line of switches
Workaround:
None
Further Problem Description:
None
|
|
Last Modified: | 05-MAY-2016 |
|
Known Affected Releases: | 6.3(1) |
|
Known Fixed Releases: | |
|
|
| |
| |
|
Alert Type: | Updated * |
Bug Id: | CSCuq09834 | Title: | LLDP logging level set to 5 during discovery |
|
Status: | Other |
|
Severity: | 6 Enhancement |
Description: * | Symptom:
For LAN devices, LLDP logging level set to 5 during discovery
Conditions:
Discovery is performed
Workaround:
Change Logging Level to previous value after device is discovered.
Further Problem Description:
|
|
Last Modified: | 05-MAY-2016 |
|
Known Affected Releases: | 6.3(2)S67 |
|
Known Fixed Releases: | |
|
|
| |
2015 Cisco and/or its affiliates. All rights reserved. 
没有评论:
发表评论