Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
817
Views
0
Helpful
4
Replies

Is Cisco 2901 router suffering from the heartbleed problem?

ahleung99
Level 1
Level 1

‎06-01-2014 06:43 PM - edited ‎03-10-2019 12:14 AM

I am not quite familiar with networking product. So may be this is a stupid question.

 

We have recently bought a Cisco 2901 router.

http://www.cisco.com/c/en/us/products/routers/2901-integrated-services-router-isr/index.html

 

We checked the cisco heartbleed info page.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

But Cisco 2901 is not listed neither in "Vulnerable products" or "Products Confirmed Not Vulnerable".

 

So, is Cisco 2901 vulnerable or not?

Or does it depend on the firmware version? How to check?

Labels:
0 Helpful
4 Replies 4

nehmaan123
Level 1
Level 1

‎06-02-2014 01:46 AM

2901 doesn't use a Linux kernel so won't be affected by this.

0 Helpful

ahleung99
Level 1
Level 1
In response to nehmaan123

‎06-02-2014 04:45 PM

Thanks for the reply.

But our men said it has a web admin console. How does it implement HTTPS?

0 Helpful

nehmaan123
Level 1
Level 1
In response to ahleung99

‎06-06-2014 02:52 PM

No problem.

Script: http://rehmann.co/projects/heartbeat/ssltest.py

As far as I know Cisco routers don't use OpenSSL. If the Cisco website is not enough satisfaction for you then I would send them an email to confirm.

 

This looks interesting: 

http://www.bbc.co.uk/news/technology-27681996

http://www.loadthegame.com/2014/06/06/heartbleed-still-affects/

0 Helpful

nehmaan123
Level 1
Level 1
In response to nehmaan123

‎06-06-2014 03:13 PM

Just to add to the above. It actually say's that IOS is NOT affected.

The following Cisco products have been analyzed and are not affected by this vulnerability:

  • Cisco 1000 Series Connected Grid Routers
  • Cisco 200 Series Smart Switches
  • Cisco 300 Series Managed Switches
  • Cisco 500 Series Stackable Managed Switche
  • <<<<<<<<SNIPPED>>>>>>>>>
  • Cisco Identity Service Engine (ISE)
  • Cisco Insight Reporter
  • Cisco Integrated Management Controller (IMC)
  • Cisco Intelligent Automation for Cloud
  • Cisco IOS XR
  • Cisco IOS
  • Cisco IP Communicator
     

Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

0 Helpful
Customers Also Viewed These Support Documents