Solved: Cisco UCS components and Heartbleed bug

ucthakur2 · ‎04-28-2014

I was reading about Cisco products affected by heartbleed vulnerability at following Cisco security advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed#@ID

I couldn't find whether below products/components are affected by this vulnerability.. can someone confirm if these products/components are vulnerable to heartbleed?

Cisco UCS Manager

Cisco Integrated Management Controller (CIMC)

Cisco UCS Blade Chassis

tia

Marcin Latosiewicz · ‎04-28-2014

I agree that phrasing is a bit off, note that the notice is talking about _products_ affected (or not), not particular _components_ of a product.

UCS seems to be off the hook. Not affected are:

Cisco UCS B-Series (Blade) Servers
Cisco UCS C-Series (Stand alone Rack) Servers
Cisco UCS Central
Cisco UCS Fabric Interconnects
Cisco UCS Invicta Series Solid State Systems

CIMC and UCSM would be part of FI or B-or-C-series, etc.

View solution in original post

Marcin Latosiewicz · ‎04-28-2014

I agree that phrasing is a bit off, note that the notice is talking about _products_ affected (or not), not particular _components_ of a product.

UCS seems to be off the hook. Not affected are:

Cisco UCS B-Series (Blade) Servers
Cisco UCS C-Series (Stand alone Rack) Servers
Cisco UCS Central
Cisco UCS Fabric Interconnects
Cisco UCS Invicta Series Solid State Systems

CIMC and UCSM would be part of FI or B-or-C-series, etc.

ucthakur2 · ‎04-28-2014

Thanks for your helpful response Marcin. If I understand it correctly, UCS chassis doesn't have separate management software and it is completely managed by UCS Manager.