Skip to main content
  1. Home
  2. Computing
  3. Guides

Which Cisco routers, modems and networking gear are affected by and safe from the Heartbleed bug?

By
cisco to cut 6000 jobs as it battles slow sales in emerging markets

Though the now-infamous Heartbleed bug is currently being patched by many companies on the website level, the OpenSSL data encryption flaw also affects an unknown amount of networking hardware from companies including Cisco Systems.

Cisco published a bulletin on its site, warning that some of its networking hardware and software, which includes routers, Ethernet switches, access points, and more, is affected by the Heartbleed bug, a flaw in the OpenSSL data encryption software used by many of the world’s websites. Though most of this hardware wouldn’t be found in the average person’s home, the hardware that Cisco identifies as vulnerable is likely used by private companies, governments, and other organizations.

Recommended Videos

We reached out to Cisco for comment, and asked whether a patched website would still be vulnerable to Heartbleed if the organization running the site is still using Cisco hardware and/or services to keep it up and running. Nigel Glennie, Senior Manager of Global Corporate Communcations for Cisco, responded to our request for comment, stating that the list of affected hardware and services “are not going to be the type of products that allow the exploitation of user data on a website.”

However, that seems to run contrary to Cisco’s own bulletin, which states that “Multiple Cisco products incorporate a version of the OpenSSL package affected by a vulnerability that could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.” On top of that, the bulletin also states that “disclosed portions of memory could contain sensitive information that may include private keys and passwords.”

Digital Trends is currently awaiting clarification on the apparent discrepancy between Glennie’s statement and Cisco’s published security advisory.

Here’s the list of Cisco networking hardware and services that’s affected by the Heartbleed bug, according to the firm’s official bulletin, as of this writing. Cisco will continue to update these lists, so check back with this Security Advisory page often.

  • Cisco AnyConnect Secure Mobility Client for iOS [CSCuo17488]
  • Cisco Desktop Collaboration Experience DX650
  • Cisco Unified 7800 series IP Phones
  • Cisco Unified 8961 IP Phone
  • Cisco Unified 9951 IP Phone
  • Cisco Unified 9971 IP Phone
  • Cisco IOS XE [CSCuo19730]
  • Cisco Unified Communications Manager (UCM) 10.0
  • Cisco Universal Small Cell 5000 Series running V3.4.2.x software
  • Cisco Universal Small Cell 7000 Series running V3.4.2.x software
  • Small Cell factory recovery root filesystem V2.99.4 or later
  • Cisco MS200X Ethernet Access Switch
  • Cisco Mobility Service Engine (MSE)
  • Cisco TelePresence Video Communication Server (VCS) [CSCuo16472]
  • Cisco TelePresence Conductor
  • Cisco TelePresence Supervisor MSE 8050
  • Cisco TelePresence Server 8710, 7010
  • Cisco TelePresence Server on Multiparty Media 310, 320
  • Cisco TelePresence Server on Virtual Machine
  • Cisco TelePresence ISDN Gateway 8321 and 3201 Series
  • Cisco TelePresence Serial Gateway Series
  • Cisco TelePresence IP Gateway Series
  • Cisco WebEx Meetings Server versions 2.x [CSCuo17528]
  • Cisco Security Manager [CSCuo19265]

Cisco is also currently investigating whether any of its other networking products are vulnerable to Heartbleed. Here’s a list of the hardware and services that the firm is looking into as of this writing.

  • Cisco IOS XR
  • Cisco Nexus 1000V Series Switches
  • Cisco Nexus 4000 Series Switches
  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 6000 Series Switches
  • Cisco Nexus 9000 Series Switches
  • Cisco IPS
  • Cisco Webex Messenger
  • Cisco Jabber client
  • Cisco OnePK All-in-One VM
  • Cisco DCM Series 9900-Digital Content Manager
  • Cisco D9034-S Encoder
  • Cisco D9054 HDTV Encoder
  • Cisco Show and Share
  • WebEx Social
  • Cisco Adaptive Security Device Manager (ASDM)
  • Catalyst 6500 Series and Cisco 7600 Series Firewall Services Module (FWSM)
  • Cisco Digital Media Manager
  • Cisco Digital Media Players
  • Cisco Edge 300 Digital Media Player
  • Cisco Edge 340 Digital Media Player
  • Cisco Emergency Responder
  • Cisco Internet Streamer CDS
  • Cisco Enterprise Content Delivery System (ECDS)
  • Cisco IP Communicator
  • Cisco TelePresence Recording Server
  • Cisco Network Analysis Module Software (NAM)
  • Cisco Wireless Location Appliance
  • CiscoWorks Wireless LAN Solution Engine (WLSE)
  • Cisco Physical Access Gateways
  • Cisco Physical Access Manager
  • Cisco Video Surveillance Media Server Software
  • Cisco Video Surveillance Operations Manager Software
  • Cisco NetFlow Generation Appliance 3240
  • Cisco Prime Data Center Network Manager
  • Cisco Prime Analytics for SPs
  • Cisco Prime Central for SPs
  • Cisco Prime Provisioning for SPs
  • Cisco Prime Performance Manager for SPs
  • Cisco Prime Optical for SPs
  • Cisco Prime Network Services Controller (formerly the Cisco Virtual Network Management Center)
  • Cisco Prime Network Registrar
  • Cisco Unified Contact Center Products
  • Cisco Unified Department Attendant Console
  • Cisco Unified E-Mail Interaction Manager
  • Cisco Unified Enterprise Attendant Console
  • Cisco Unified Mobility
  • Cisco Unified Operations Manager
  • Cisco Unified Personal Communicator
  • Cisco Unified Presence
  • Cisco Unified Provisioning Manager
  • Cisco Unified Quick Connect
  • Cisco Unified Service Monitor
  • Cisco Unified Service Statistics Manager
  • Cisco UCS Invicta Series Solid State Systems
  • Cisco NAC Server
  • Cisco NAC Manager
  • Cisco NAC Agent
  • Cisco NAC Guest Server
  • Cisco ONS 15454 Series Multiservice Provisioning Platforms
  • Cisco Quantum Policy Server (QPS)
  • Cisco TelePresence System 500
  • Cisco TelePresence System 1100
  • Cisco TelePresence System 1300 Series
  • Cisco TelePresence System 3000 Series
  • Cisco TelePresence System T Series
  • Cisco IP Video Phone E20
  • Cisco TelePresence MX Series
  • Cisco TelePresence EX Series
  • Cisco Telepresence Integrator C Series
  • Cisco TelePresence Profile Series
  • Cisco TelePresence SX Series
  • Cisco TelePresence Movi with Precision HD USB / Jabber Video
  • Cisco TelePresence MXP Series
  • Cisco TelePresence MCU all series
  • Cisco TelePresence Advanced Media Gateway Series
  • Cisco TelePresence IP VCR Series
  • Cisco TelePresence ISDN GW 3241
  • Tandberg Codian ISDN GW 3210/3220/3240
  • Tandberg Codian MSE 8310 model
  • Tandberg 770/880/990 MXP Series

Finally, here’s a list of Cisco hardware that has been analyzed by the company, and deemed to be not vulnerable to Heartbleed, as of this writing.

  •     Cisco IOS
  •     Cisco MDS Switches
  •     Cisco Nexus 3000 Series Switches
  •     Cisco Nexus 7000 Series Switches
  •     Cisco Adaptive Security Appliance (ASA) Software
  •     Cisco ACE Application Control Engine Module
  •     Cisco ACE Application Control Engine Appliance
  •     Cisco AnyConnect Secure Mobility Client for desktop platforms
  •     Cisco AnyConnect Secure Mobility Client for Android
  •     Cisco CSS 11500 Series Content Services Switches
  •     Cisco Unified 7900 series IP Phones
  •     Cisco Unified 6900 series IP Phones
  •     Cisco Unified 3900 series IP Phones
  •     Cisco Unified 8941 IP Phone
  •     Cisco Unified 8945 IP Phone
  •     Cisco Unified IP Conference Phone 8831
  •     Cisco Unified Communications Manager (UCM) 9.1(2) and earlier
  •     Cisco Unified Communications Domain Manager
  •     Cisco Unified Business Attendant Console
  •     Cisco Unified Department Attendant Console
  •     Cisco Unified Enterprise Attendant Console
  •     Cisco Identity Service Engine (ISE)
  •     Cisco Secure Access Control Server (ACS)
  •     Cisco Wireless Lan Controller (WLC)
  •     Cisco Wireless Control System (WCS)
  •     Cisco Web Security Appliance (WSA)
  •     Cisco Content Security Management Appliance (SMA)
  •     Cisco Email Security Appliance (ESA)
  •     Cisco IronPort Encryption Appliance (IEA)
  •     Cisco UCS Central
  •     Cisco UCS Fabric Interconnects
  •     Cisco UCS B-Series (Blade) Servers
  •     Cisco UCS C-Series (Stand alone Rack) Servers
  •     Cisco RV315W Wireless-N VPN Router
  •     Cisco RV215W Wireless-N VPN Router
  •     Cisco RV220W Wireless-N VPN Router
  •     Cisco RV180W Wireless-N VPN Router
  •     Cisco RV120W Wireless-N VPN Router
  •     Cisco RV110W Wireless-N VPN Router
  •     Cisco CVR100W Wireless-N VPN Router
  •     Cisco RV325 VPN Router
  •     Cisco RV320 VPN Router
  •     Cisco RV180 VPN Router
  •     Cisco RV082 VPN Router
  •     Cisco RV042 VPN Router
  •     Cisco RV016 VPN Router
  •     Cisco 200 Series Smart Switches
  •     Cisco 300 Series Managed Switches
  •     Cisco 500 Series Stackable Managed Switches
  •     Cisco ESW2 Series Advanced Switches
  •     Cisco WAP121 Wireless-N Access Point
  •     Cisco WAP321 Wireless Access Point
  •     Cisco WAP551/561 Wireless-N Access Point
  •     Cisco WAP4410N Wireless-N Access Point
  •     Cisco Meraki Cloud Managed Indoor Access Points
  •     Cisco Meraki Cloud-Managed Outdoor Access Points
  •     Cisco Meraki MX Security Appliances
  •     Cisco Meraki MS Access Switches
  •     Cisco WebEx Meetings Server versions 1.x
  •     Cisco Application and Content Networking System (ACNS) Software
  •     Cisco Wide Area Application Services (WAAS) Software
  •     Cisco ACE Global Site Selector Appliances (GSS)
  •     Cisco Prime Network Analysis Module (NAM)
  •     Cisco Prime Infrastructure
  •     Cisco Content Switching Module with SSL (CSM-S)
  •     Cisco SSL Services Module (SSLM)
  •     Cisco Intelligent Automation for Cloud
  •     Cisco Meraki Dashboard
  •     Cisco WebEx Meeting Center
  •     Cisco WebEx Support Center
  •     Cisco WebEx Training Center
  •     Cisco WebEx Event Center
  •     Cisco Universal Small Cell CloudBase
  •     Cisco Cloud Web Security

Image credit: http://images.china.cn

Topics
Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
Trying to buy a GPU in 2023 almost makes me miss the shortage
Two AMD Radeon RX 7000 graphics cards on a pink surface.

The days of the GPU shortage are long over, but somehow, buying a GPU is harder than ever -- and that sentiment has very little to do with stock levels. It's just that there are no obvious candidates when shopping anymore.

In a generation where no single GPU stands out as the single best graphics card, it's hard to jump on board with the latest from AMD and Nvidia. I don't want to see another GPU shortage, but the state of the graphics card market is far from where it should be.
This generation is all over the place

Read more
HP printers are heavily discounted in Best Buy’s flash sale
The HP - OfficeJet Pro 8034e Wireless All-In-One Inkjet Printer on a desk with a smartphone.

There’s good news in store if you’re looking to land a new printer at a discount this weekend. Best Buy is having a 48-hour flash sale on HP printers, with several that can compete with the best printers seeing some good prices. HP is almost always one of the best laptop brands, and it’s one of the same when it comes to printers. So if you’re looking for a new home or office printer, read onward on how to save on an HP printer at Best Buy.
HP DeskJet 2755e — $60, was $85

The HP DeskJet 2755e is a good entry-level printer. It’s got you covered if your printing needs are pretty basic, or if you don’t need to print in mass. This is a color InkJet printer, which makes it good for almost all uses. It can also make copies and scan in color, and it has mobile and wireless printing functionality. You can get set up quickly and easily with the HP Smart app that guides you through the setup process, and you can also use this app to print, scan and copy documents from your phone.

Read more
This tiny ThinkPad can’t quite keep up with the MacBook Air M2
Lenovo ThinkPad X1 Nano Gen 3 rear view showing lid and logo.

While the laptop industry continues to move toward 14-inch laptops and larger, the 13-inch laptop remains an important category. One of the best is the Apple MacBook Air M2, with an extremely thin and well-built chassis, great performance, and incredibly long battery life.

Lenovo has recently introduced the third generation of its ThinkPad X1 Nano, one of the lightest laptops we've tested and a good performer as well. It's stiff competition, but which of these two diminutive laptops stands apart?
Specs and configurations

Read more