Please be aware that the Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) vulnerability is being addressed from our Cisco Product Security Incident Response Team (PSIRT):
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl
These may be referenced from the following CVE(s):
CVE-2016-0702
CVE-2016-0703
CVE-2016-0704
CVE-2016-0705
CVE-2016-0797
CVE-2016-0798
CVE-2016-0799
CVE-2016-0800
The Cisco PSIRT is investigating these issues and will provide an update in accordance with Cisco’s Security Vulnerability Policy:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Information regarding DROWN:
https://www.openssl.org/news/secadv/20160301.txt
Please direct all inquiries to our PSIRT team regarding product questions and vulnerability updates. The Cisco Product Security Incident Response Team (PSIRT) is responsible for responding to Cisco product security incidents. The Cisco PSIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks. The on-call Cisco PSIRT works 24 hours a day with Cisco customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks.
-Robert