Cisco responds to OpenSSL security flaw

Cisco Systems issues response to vulnerabilities in open-source security software OpenSSL.

Cisco Systems on Friday issued a security advisory regarding the use of open-source security software OpenSSL on several of its products. Cisco's advisory follows one issued in October by the OpenSSL Project, which noted that the vulnerabilities could lead to a malicious attacker launching remote code against users' systems.

OpenSSL is an open-source version of secure sockets layer, or SSL, encryption that is used by a number of Web browsers to secure data transmission over the Internet. Cisco's advisory noted that six of its product categories can be affected by the flaws: ASA 5500 and Cisco Pix running 7.x software; CiscoWorks Common Services versions 3.0 and 2.2; Cisco Mainframe Channel Connection PA-4C-E, PA-IC-E, PA-IC-P, CX-CIP2 tn3270 server; Cisco Global Site Selector 4480, 4490 and 4491; Cisco Wireless Control System Software and CiscoIOS-XR.

About the author

    Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.


    Discuss Cisco responds to OpenSSL security flaw

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Articles from CNET
    Fashion forward: Yahoo acquires social-shopping site Polyvore