Which Cisco routers, modems and networking gear are affected by and safe from the Heartbleed bug?

cisco to cut 6000 jobs as it battles slow sales in emerging markets

Though the now-infamous Heartbleed bug is currently being patched by many companies on the website level, the OpenSSL data encryption flaw also affects an unknown amount of networking hardware from companies including Cisco Systems.

Cisco published a bulletin on its site, warning that some of its networking hardware and software, which includes routers, Ethernet switches, access points, and more, is affected by the Heartbleed bug, a flaw in the OpenSSL data encryption software used by many of the world’s websites. Though most of this hardware wouldn’t be found in the average person’s home, the hardware that Cisco identifies as vulnerable is likely used by private companies, governments, and other organizations.

We reached out to Cisco for comment, and asked whether a patched website would still be vulnerable to Heartbleed if the organization running the site is still using Cisco hardware and/or services to keep it up and running. Nigel Glennie, Senior Manager of Global Corporate Communcations for Cisco, responded to our request for comment, stating that the list of affected hardware and services “are not going to be the type of products that allow the exploitation of user data on a website.”

However, that seems to run contrary to Cisco’s own bulletin, which states that “Multiple Cisco products incorporate a version of the OpenSSL package affected by a vulnerability that could allow an unauthenticated, remote attacker to retrieve memory in chunks of 64 kilobytes from a connected client or server.” On top of that, the bulletin also states that “disclosed portions of memory could contain sensitive information that may include private keys and passwords.”

Digital Trends is currently awaiting clarification on the apparent discrepancy between Glennie’s statement and Cisco’s published security advisory.

Here’s the list of Cisco networking hardware and services that’s affected by the Heartbleed bug, according to the firm’s official bulletin, as of this writing. Cisco will continue to update these lists, so check back with this Security Advisory page often.

  • Cisco AnyConnect Secure Mobility Client for iOS [CSCuo17488]
  • Cisco Desktop Collaboration Experience DX650
  • Cisco Unified 7800 series IP Phones
  • Cisco Unified 8961 IP Phone
  • Cisco Unified 9951 IP Phone
  • Cisco Unified 9971 IP Phone
  • Cisco IOS XE [CSCuo19730]
  • Cisco Unified Communications Manager (UCM) 10.0
  • Cisco Universal Small Cell 5000 Series running V3.4.2.x software
  • Cisco Universal Small Cell 7000 Series running V3.4.2.x software
  • Small Cell factory recovery root filesystem V2.99.4 or later
  • Cisco MS200X Ethernet Access Switch
  • Cisco Mobility Service Engine (MSE)
  • Cisco TelePresence Video Communication Server (VCS) [CSCuo16472]
  • Cisco TelePresence Conductor
  • Cisco TelePresence Supervisor MSE 8050
  • Cisco TelePresence Server 8710, 7010
  • Cisco TelePresence Server on Multiparty Media 310, 320
  • Cisco TelePresence Server on Virtual Machine
  • Cisco TelePresence ISDN Gateway 8321 and 3201 Series
  • Cisco TelePresence Serial Gateway Series
  • Cisco TelePresence IP Gateway Series
  • Cisco WebEx Meetings Server versions 2.x [CSCuo17528]
  • Cisco Security Manager [CSCuo19265]

Cisco is also currently investigating whether any of its other networking products are vulnerable to Heartbleed. Here’s a list of the hardware and services that the firm is looking into as of this writing.

  • Cisco IOS XR
  • Cisco Nexus 1000V Series Switches
  • Cisco Nexus 4000 Series Switches
  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 6000 Series Switches
  • Cisco Nexus 9000 Series Switches
  • Cisco IPS
  • Cisco Webex Messenger
  • Cisco Jabber client
  • Cisco OnePK All-in-One VM
  • Cisco DCM Series 9900-Digital Content Manager
  • Cisco D9034-S Encoder
  • Cisco D9054 HDTV Encoder
  • Cisco Show and Share
  • WebEx Social
  • Cisco Adaptive Security Device Manager (ASDM)
  • Catalyst 6500 Series and Cisco 7600 Series Firewall Services Module (FWSM)
  • Cisco Digital Media Manager
  • Cisco Digital Media Players
  • Cisco Edge 300 Digital Media Player
  • Cisco Edge 340 Digital Media Player
  • Cisco Emergency Responder
  • Cisco Internet Streamer CDS
  • Cisco Enterprise Content Delivery System (ECDS)
  • Cisco IP Communicator
  • Cisco TelePresence Recording Server
  • Cisco Network Analysis Module Software (NAM)
  • Cisco Wireless Location Appliance
  • CiscoWorks Wireless LAN Solution Engine (WLSE)
  • Cisco Physical Access Gateways
  • Cisco Physical Access Manager
  • Cisco Video Surveillance Media Server Software
  • Cisco Video Surveillance Operations Manager Software
  • Cisco NetFlow Generation Appliance 3240
  • Cisco Prime Data Center Network Manager
  • Cisco Prime Analytics for SPs
  • Cisco Prime Central for SPs
  • Cisco Prime Provisioning for SPs
  • Cisco Prime Performance Manager for SPs
  • Cisco Prime Optical for SPs
  • Cisco Prime Network Services Controller (formerly the Cisco Virtual Network Management Center)
  • Cisco Prime Network Registrar
  • Cisco Unified Contact Center Products
  • Cisco Unified Department Attendant Console
  • Cisco Unified E-Mail Interaction Manager
  • Cisco Unified Enterprise Attendant Console
  • Cisco Unified Mobility
  • Cisco Unified Operations Manager
  • Cisco Unified Personal Communicator
  • Cisco Unified Presence
  • Cisco Unified Provisioning Manager
  • Cisco Unified Quick Connect
  • Cisco Unified Service Monitor
  • Cisco Unified Service Statistics Manager
  • Cisco UCS Invicta Series Solid State Systems
  • Cisco NAC Server
  • Cisco NAC Manager
  • Cisco NAC Agent
  • Cisco NAC Guest Server
  • Cisco ONS 15454 Series Multiservice Provisioning Platforms
  • Cisco Quantum Policy Server (QPS)
  • Cisco TelePresence System 500
  • Cisco TelePresence System 1100
  • Cisco TelePresence System 1300 Series
  • Cisco TelePresence System 3000 Series
  • Cisco TelePresence System T Series
  • Cisco IP Video Phone E20
  • Cisco TelePresence MX Series
  • Cisco TelePresence EX Series
  • Cisco Telepresence Integrator C Series
  • Cisco TelePresence Profile Series
  • Cisco TelePresence SX Series
  • Cisco TelePresence Movi with Precision HD USB / Jabber Video
  • Cisco TelePresence MXP Series
  • Cisco TelePresence MCU all series
  • Cisco TelePresence Advanced Media Gateway Series
  • Cisco TelePresence IP VCR Series
  • Cisco TelePresence ISDN GW 3241
  • Tandberg Codian ISDN GW 3210/3220/3240
  • Tandberg Codian MSE 8310 model
  • Tandberg 770/880/990 MXP Series

Finally, here’s a list of Cisco hardware that has been analyzed by the company, and deemed to be not vulnerable to Heartbleed, as of this writing.

  •     Cisco IOS
  •     Cisco MDS Switches
  •     Cisco Nexus 3000 Series Switches
  •     Cisco Nexus 7000 Series Switches
  •     Cisco Adaptive Security Appliance (ASA) Software
  •     Cisco ACE Application Control Engine Module
  •     Cisco ACE Application Control Engine Appliance
  •     Cisco AnyConnect Secure Mobility Client for desktop platforms
  •     Cisco AnyConnect Secure Mobility Client for Android
  •     Cisco CSS 11500 Series Content Services Switches
  •     Cisco Unified 7900 series IP Phones
  •     Cisco Unified 6900 series IP Phones
  •     Cisco Unified 3900 series IP Phones
  •     Cisco Unified 8941 IP Phone
  •     Cisco Unified 8945 IP Phone
  •     Cisco Unified IP Conference Phone 8831
  •     Cisco Unified Communications Manager (UCM) 9.1(2) and earlier
  •     Cisco Unified Communications Domain Manager
  •     Cisco Unified Business Attendant Console
  •     Cisco Unified Department Attendant Console
  •     Cisco Unified Enterprise Attendant Console
  •     Cisco Identity Service Engine (ISE)
  •     Cisco Secure Access Control Server (ACS)
  •     Cisco Wireless Lan Controller (WLC)
  •     Cisco Wireless Control System (WCS)
  •     Cisco Web Security Appliance (WSA)
  •     Cisco Content Security Management Appliance (SMA)
  •     Cisco Email Security Appliance (ESA)
  •     Cisco IronPort Encryption Appliance (IEA)
  •     Cisco UCS Central
  •     Cisco UCS Fabric Interconnects
  •     Cisco UCS B-Series (Blade) Servers
  •     Cisco UCS C-Series (Stand alone Rack) Servers
  •     Cisco RV315W Wireless-N VPN Router
  •     Cisco RV215W Wireless-N VPN Router
  •     Cisco RV220W Wireless-N VPN Router
  •     Cisco RV180W Wireless-N VPN Router
  •     Cisco RV120W Wireless-N VPN Router
  •     Cisco RV110W Wireless-N VPN Router
  •     Cisco CVR100W Wireless-N VPN Router
  •     Cisco RV325 VPN Router
  •     Cisco RV320 VPN Router
  •     Cisco RV180 VPN Router
  •     Cisco RV082 VPN Router
  •     Cisco RV042 VPN Router
  •     Cisco RV016 VPN Router
  •     Cisco 200 Series Smart Switches
  •     Cisco 300 Series Managed Switches
  •     Cisco 500 Series Stackable Managed Switches
  •     Cisco ESW2 Series Advanced Switches
  •     Cisco WAP121 Wireless-N Access Point
  •     Cisco WAP321 Wireless Access Point
  •     Cisco WAP551/561 Wireless-N Access Point
  •     Cisco WAP4410N Wireless-N Access Point
  •     Cisco Meraki Cloud Managed Indoor Access Points
  •     Cisco Meraki Cloud-Managed Outdoor Access Points
  •     Cisco Meraki MX Security Appliances
  •     Cisco Meraki MS Access Switches
  •     Cisco WebEx Meetings Server versions 1.x
  •     Cisco Application and Content Networking System (ACNS) Software
  •     Cisco Wide Area Application Services (WAAS) Software
  •     Cisco ACE Global Site Selector Appliances (GSS)
  •     Cisco Prime Network Analysis Module (NAM)
  •     Cisco Prime Infrastructure
  •     Cisco Content Switching Module with SSL (CSM-S)
  •     Cisco SSL Services Module (SSLM)
  •     Cisco Intelligent Automation for Cloud
  •     Cisco Meraki Dashboard
  •     Cisco WebEx Meeting Center
  •     Cisco WebEx Support Center
  •     Cisco WebEx Training Center
  •     Cisco WebEx Event Center
  •     Cisco Universal Small Cell CloudBase
  •     Cisco Cloud Web Security

Image credit: http://images.china.cn

Product Review

Gate’s Smart Lock is locked and loaded but ultimately lacks important basics

In a world of video cameras and doorbells comes the Gate Smart Lock, a lock with a video camera embedded. It’s a great idea, but lacks some crucial functionality to make it a top-notch product.

FWD vs. RWD vs. AWD: How the wheels that turn change the way you drive

Let's face it, you've likely heard front-, rear-, and all-wheel drive mentioned before in some context or another. But what do these terms mean, especially in terms of performance? We’ve got the answers.
Movies & TV

The best new movie trailers: Aliens, Avengers: Endgame, Charlie Says, and more

Everyone loves a good trailer, but keeping up with what's new isn't easy. That's why we round up the best ones for you. This week, it's new trailers for Avengers: Endgame, Aladdin, Charlie Says, Doom: Annihilation, and more.

Enjoy Windows on a Chromebook with these great tips and tricks

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so in case you're looking to nab some Windows-only software.

The iMac finally got updated, but how does it compare to the Mac mini?

Apple announced a long-awaited update to the Mac mini. Thanks to the updated specs and increase in price, it's begun to creep up to the base model iMac. In this guide, we now put up the specs on the newest refreshed Mac mini against the…

Here's our guide to how to charge your laptop using a USB-C cable

Charging via USB-C is a great way to power up your laptop. It only takes one cable and you can use the same one for data as well as power -- perfect for new devices with limited port options.

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.

Great PC speakers don't need to break the bank. These are our favorites

Not sure which PC speakers work best with your computer? Here are the best computer speakers on the market, whether you're working with a tight budget or looking to rattle your workstation with top-of-the-line audio components.

Should you buy the affordable MacBook Air, or is the MacBook Pro worth the price?

Though they both share Retina Displays and similar keyboards, there are still some specs differences and other changes that differentiate the new 2018 MacBook Air and MacBook Pro. In this guide, we stack the two up against each other.

Changing a PDF into an EPUB file is easier than you might think

If you like to read on a tablet or ebook reader, you'll find that ePUB files offer a number of advantages over PDFs. With this guide, we'll show you how to convert a PDF to EPUB in a few quick steps.

Confused about RSS? Don't be. Here's what it is and how to use it

What is an RSS feed, anyway? This traditional method of following online news is still plenty useful. Let's take a look at what RSS means, and what advantages it has in today's busy world.

Here are the best affordable monitors for your budget desktop

Looking for the best budget monitors? These monitors are affordable, but still provide the features you need for gaming, work, home or other plans! Take a look at the displays and your wallet will thank you.

This limited-time Dell deal cuts $330 off the price of the XPS 15

Dell is currently running a limited-time sale that is cutting the pricing on the XPS 15 down by $330, but only through Thursday, March 21, and with the use of a special coupon code. 

Google hit with another fine by the EU, this time for $1.7 billion

Google has been fined for the third time by the EU, this time for breaching antitrust laws by requiring third-party websites using its search function to prioritize its ads over competitors.