Summary

• On February 16, 2016, a critical vulnerability in the GNU C library (glibc) was publicly disclosed.
  
  Multiple Cisco products incorporate a version of glibc that may be affected by the vulnerability.  The vulnerability could allow an unauthenticated, remote attacker to trigger a buffer overflow condition that may result in a denial of service (DoS) condition or allow the attacker to execute arbitrary code on the affected device.
  
  This advisory will be updated as additional information becomes available.
  
  Cisco will release software updates that address this vulnerability.
  
  Workarounds that address this vulnerability are not available.
  
  This advisory is available at the following link:
  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc

Affected Products

• Cisco is currently investigating its product line to determine which products may be affected by this vulnerability and the impact on each affected product. As the investigation progresses, this document will be updated to include the Cisco bug IDs for each affected product. The bugs will be accessible through the Cisco Bug Search Tool and will contain additional platform-specific information, including workarounds (if available) and fixed software versions.
  
  The following products are under active investigation to determine whether they are affected by the vulnerability described in this advisory.
  
  

  Products Under Investigation

  
  Collaboration and Social Media
  

  • Cisco MeetingPlace
  • Cisco WebEx Meetings Server versions 1.x
  • Cisco WebEx Meetings Server versions 2.x
  • Cisco WebEx Node for MCS

  
  Endpoint Clients and Client Software
  

  • Cisco Agent for OpenFlow
  • Cisco AnyConnect Secure Mobility Client for Android
  • Cisco AnyConnect Secure Mobility Client for desktop platforms
  • Cisco AnyConnect Secure Mobility Client for iOS
  • Cisco IP Communicator
  • Cisco Jabber Guest 10.0(2)
  • Cisco MMP server
  • Cisco NAC Agent for Mac
  • Cisco NAC Agent for Web
  • Cisco UC Integration for Microsoft Lync
  • Cisco WebEx Meetings for Android
  • Cisco WebEx Meetings for BlackBerry
  • Cisco WebEx Meetings for WP8
  • Cisco WebEx Productivity Tools
  • WebEx Recording Playback Client

  
  Network Application, Service, and Acceleration
  

  • Cisco ACE 30 Application Control Engine Module
  • Cisco ACE 4700 Series Application Control Engine Appliances
  • Cisco Adaptive Security Appliance (ASA) Software
  • Cisco Application and Content Networking System (ACNS)
  • Cisco Extensible Network Controller (XNC)
  • Cisco Intercloud Fabric
  • Cisco NAC Appliance
  • Cisco Nexus Data Broker (NDB)
  • Cisco Prime Network Service Controller (PNSC)

  
  Network and Content Security Devices
  

  • Cisco Adaptive Security Device Manager
  • Cisco Clean Access Manager
  • Cisco Content Security Appliance Updater Servers
  • Cisco Content Security Management Appliance (SMA)
  • Cisco Intrusion Prevention System Solutions (IPS)
  • Cisco IronPort Email Security Appliance
  • Cisco NAC Guest Server
  • Cisco Physical Access Control Gateway
  • Cisco Physical Access Manager
  • Cisco Registered Envelope Service (CRES)
  • Cisco Secure ACS 5.x
  • Cisco Virtual Security Gateway for Microsoft Hyper-V

  
  Network Management and Provisioning
  

  • Cisco Access Registrar Appliance
  • Cisco Application Networking Manager
  • Cisco Connected Grid Device Manager
  • Cisco Connected Grid Network Management System
  • Cisco Linear Stream Manager
  • Cisco MGC Node Manager (CMNM)
  • Cisco Multicast Manager
  • Cisco Prime Access Registrar Appliance
  • Cisco Prime Analytics
  • Cisco Prime Cable Provisioning
  • Cisco Prime Central for SPs
  • Cisco Prime Collaboration Assurance
  • Cisco Prime Collaboration Deployment
  • Cisco Prime Data Center Network Manager (.ova and .iso installers)
  • Cisco Prime Home
  • Cisco Prime IP Express
  • Cisco Prime Infrastructure Standalone Plug and Play Gateway
  • Cisco Prime Infrastructure
  • Cisco Prime License Manager
  • Cisco Prime Network Registrar (CPNR) virtual appliance
  • Cisco Prime Network Registrar IP Address Manager (IPAM)
  • Cisco Prime Network
  • Cisco Prime Optical for SPs
  • Cisco Prime Performance Manager
  • Cisco Prime Provisioning for SPs
  • Cisco Prime Service Catalog Virtual Appliance
  • Cisco Security Manager
  • Cisco Unified Provisioning Manager (CUPM)
  • Cisco Videoscape Distribution Suite Service Manager
  • CiscoWorks Network Compliance Manager

  
  Routing and Switching - Enterprise and Service Provider
  

  • Cisco ASR 5000 Series
  • Cisco ASR 9000 Series Integrated Service Module
  • Cisco Broadband Access Center Telco Wireless
  • Cisco Connected Grid Routers (CGR)
  • Cisco IOS-XE for ASR1k, ASR903, ISR4400, CSR1000v
  • Cisco IOS-XE for Catalyst 3k, 4k, AIR-CT5760, and Cisco RF Gateway 10 (RFGW-10)
  • Cisco IOS-XR for Cisco ASR 9000 Series Aggregation Services Routers
  • Cisco IOS-XR for Cisco CRS Routers
  • Cisco IOS-XR for Cisco XR 12000 Series Routers
  • Cisco MDS 9000 Series Multilayer Switches
  • Cisco Metro Ethernet 1200 Series Access Devices
  • Cisco Nexus 1000V InterCloud
  • Cisco Nexus 1000V Series Switches
  • Cisco Nexus 3000 series switches
  • Cisco Nexus 4000 Series Blade Switches
  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 7000
  • Cisco Nexus 9000 (ACI/Fabric Switch)
  • Cisco Nexus 9000 Series (standalone, running NX-OS)
  • Cisco OnePK All-in-One VM
  • Cisco Prime Data Center Network Manager
  • Cisco Service Control Operating System
  • IOS-XR for Cisco Network Convergence System (NCS) 6000

  
  Routing and Switching - Small Business
  

  • Cisco DPH150 Series MicroCell Solution

  
  Unified Computing
  

  • Cisco Billing and Measurement Server 3.30
  • Cisco Standalone rack server CIMC
  • Cisco UCS ADA
  • Cisco UCS Director
  • Cisco UCS Invicta Series
  • Cisco UCS Manager
  • Cisco Unified Computing System B-Series (Blade) Servers

  
  Voice and Unified Communications Devices
  

  • Cisco 190 ATA Series Analog Terminal Adaptor
  • Cisco 7937 IP Phone
  • Cisco ATA 187 Analog Telephone Adaptor
  • Cisco Agent Desktop for Cisco Unified Contact Center Express
  • Cisco Broadband Access Center for Cable Tools Suite 4.1
  • Cisco Broadband Access Center for Cable Tools Suite 4.2
  • Cisco Computer Telephony Integration Object Server (CTIOS)
  • Cisco DX Series IP Phones
  • Cisco Desktop Collaboration Experience DX70 and DX80
  • Cisco Emergency Responder
  • Cisco Hosted Collaboration Mediation Fulfillment
  • Cisco IM and Presence Service (CUPS)
  • Cisco IP Interoperability and Collaboration System (IPICS)
  • Cisco MediaSense
  • Cisco Paging Server (Informacast)
  • Cisco Paging Server
  • Cisco Prime Cable Provisioning Tools Suite 5.0
  • Cisco Prime Cable Provisioning Tools Suite 5.1
  • Cisco Remote Silent Monitoring
  • Cisco SPA112 2-Port Phone Adapter
  • Cisco SPA122 ATA with Router
  • Cisco SPA232D Multi-Line DECT ATA
  • Cisco SPA525G
  • Cisco TAPI Service Provider (TSP)
  • Cisco Unified 3900 series IP Phones
  • Cisco Unified 6945 IP Phones
  • Cisco Unified 7800 series IP Phones
  • Cisco Unified 8961 IP Phone
  • Cisco Unified 9951 IP Phone
  • Cisco Unified 9971 IP Phone
  • Cisco Unified Attendant Console Advanced
  • Cisco Unified Attendant Console Business Edition
  • Cisco Unified Attendant Console Department Edition
  • Cisco Unified Attendant Console Enterprise Edition
  • Cisco Unified Attendant Console Premium Edition
  • Cisco Unified Attendant Console Standard
  • Cisco Unified Client Services Framework
  • Cisco Unified Communications Domain Manager
  • Cisco Unified Communications Manager (UCM)
  • Cisco Unified Communications Manager Session Management Edition (SME)
  • Cisco Unified Contact Center Enterprise
  • Cisco Unified E-Mail Interaction Manager
  • Cisco Unified IP Conference Phone 8831 for Third-Party Call Control
  • Cisco Unified IP Phone 6921
  • Cisco Unified IP Phone 7900 Series
  • Cisco Unified IP Phone 8941 and 8945 (SIP)
  • Cisco Unified Intelligent Contact Management Enterprise
  • Cisco Unified Operations Manager (CUOM)
  • Cisco Unified SIP Phone 3905
  • Cisco Unified Web Interaction Manager
  • Cisco Unified Wireless IP Phone
  • Cisco Unified Workforce Optimization
  • Cisco Unity Connection (UC)
  • Cisco Unity Express
  • xony VIM/CCDM/CCMP

  
  Video, Streaming, TelePresence, and Transcoding Devices
  

  • Cisco AnyRes Live (CAL)
  • Cisco AnyRes VOD (CAL)
  • Cisco D9824 Advanced Multi Decryption Receiver
  • Cisco D9854/D9854-I Advanced Program Receiver
  • Cisco D9858 Advanced Receiver Transcoder
  • Cisco D9859 Advanced Receiver Transcoder
  • Cisco DCM Series 9900-Digital Content Manager
  • Cisco DNCS Application Server (AppServer)
  • Cisco Digital Media Players (DMP) 4300 Series
  • Cisco Digital Media Players (DMP) 4400 Series
  • Cisco Digital Transport Adapter Control System (DTACS)
  • Cisco Edge 300 Digital Media Player
  • Cisco Expressway Series
  • Cisco International Digital Network Control System (iDNCS)
  • Cisco Model D9485 DAVIC QPSK
  • Cisco Powerkey CAS Gateway (PCG)
  • Cisco Show and Share
  • Cisco TelePresence 1310
  • Cisco TelePresence Conductor
  • Cisco TelePresence Exchange System (CTX)
  • Cisco TelePresence Management Suite (TMS)
  • Cisco TelePresence Management Suite Analytics Extension (TMSAE)
  • Cisco TelePresence Management Suite Extension (TMSXE)
  • Cisco TelePresence Management Suite Extension for IBM
  • Cisco TelePresence Management Suite Provisioning Extension
  • Cisco TelePresence Server 8710, 7010
  • Cisco TelePresence Server on Multiparty Media 310, 320
  • Cisco TelePresence Server on Virtual Machine
  • Cisco TelePresence System 1000
  • Cisco TelePresence System 1100
  • Cisco TelePresence System 1300
  • Cisco TelePresence System 3000 Series
  • Cisco TelePresence System 500-32
  • Cisco TelePresence System 500-37
  • Cisco TelePresence TX 9000 Series
  • Cisco TelePresence Video Communication Server (VCS)
  • Cisco Transaction Encryption Device (TED)
  • Cisco VEN501 Wireless Access Point
  • Cisco Video Delivery System Recorder
  • Cisco Video Distribution Suite for Internet Streaming (VDS-IS/CDS-IS)
  • Cisco Video Surveillance 3000 Series IP Cameras
  • Cisco Video Surveillance 4000 Series High-Definition IP Cameras
  • Cisco Video Surveillance 4300E/4500E High-Definition IP Cameras
  • Cisco Video Surveillance 6000 Series IP Cameras
  • Cisco Video Surveillance 7000 Series IP Cameras
  • Cisco Video Surveillance PTZ IP Cameras
  • Cisco Videoscape Distribution Suite Transparent Caching
  • Cisco Virtual PGW 2200 Softswitch
  • Cloud Object Store (COS)
  • Explorer Controller (EC) system
  • VDS-Recorder
  • VDS-TV Caching GW
  • VDS-TV Streamer
  • VDS-TV Vault

  
  Wireless
  

  • Cisco Aironet 600 Series OfficeExtend Access Point
  • Cisco Mobility Services Engine (MSE)
  • Cisco Wireless LAN Controller (WLC)
  • Cisco Wireless Security Gateway Application (WSG)
  • Cisco 3G Femtocell Wireless
  • Digital Life RMS 1.8.1.1 Cisco Broadband Access Center Telco Wireless 3.8.1
  • Small Cell factory recovery root filesystem V2.99.4 or later

  
  Cisco Hosted Services
  

  • Cisco Cloud Web Security
  • Cisco Cloud and Systems Management
  • Cisco Common Services Platform Collector
  • Cisco Intelligent Automation for Cloud
  • Cisco Partner Supporting Service
  • Cisco Proactive Network Operations Center
  • Cisco SLIM
  • Cisco Services Provisioning Platform (SPP)
  • Cisco Smart Care
  • Cisco UCS Invicta Series Autosupport Portal
  • Cisco Unified Services Delivery Platform (CUSDP)
  • Cisco WebEx Meeting Center
  • Cisco WebEx Messenger Service
  • Cisco WebEx Node
  • Communication/Collaboration Sizing Tool, Virtue Machine Placement Tool, Cisco Unified Communications Upgrade Readiness Assessment
  • Partner Supporting Service (PSS) 1.x
  • Partner Supporting Service (PSS) 2.x
  • Serial Number Assessment Service (SNAS)
  • Smart Net Total Care (SNTC)
  • Support Central

  Vulnerable Products

  Product	Defect	Fixed Releases Availability
  Network Application, Service, and Acceleration
  Cisco Visual Quality Experience Server	CSCuy35276
  Cisco Visual Quality Experience Tools Server	CSCuy35276
  Network and Content Security Devices
  Cisco FireSIGHT System Software	CSCuy32284
  Cisco Identity Services Engine (ISE)	CSCuy34700
  Video, Streaming, TelePresence, and Transcoding Devices
  Cisco Edge 340 Digital Media Player	CSCuy35299

   
  

  Products Confirmed Not Vulnerable

  The following products are not affected by the vulnerability described in this advisory.
  
  
  Network Application, Service, and Acceleration
  

  • Content Services Switch

  
  Network and Content Security Devices
  

  • Cisco Web Security Appliance (WSA)

  
  Network Management and Provisioning
  

  • Cisco Insight Reporter
  • Cisco Prime Collaboration Provisioning
  • Cisco UCS Central
  • Local Collector Appliance (LCA)
  • Unified Communications Deployment Tools

  
  Routing and Switching - Enterprise and Service Provider
  

  • Cisco ONS 15454 Series Multiservice Provisioning Platforms

  
  Routing and Switching - Small Business
  

  • Cisco Small Business AP500 Series Wireless Access Points
  • Cisco Small Business RV 120W Wireless-N VPN Firewall
  • Cisco Small Business RV Series Routers 0xxv3
  • Cisco Small Business RV Series Routers RV110W
  • Cisco Small Business RV Series Routers RV130x
  • Cisco Small Business RV Series Routers RV215W
  • Cisco Small Business RV Series Routers RV220W
  • Cisco Small Business RV Series Routers RV315W
  • Cisco Small Business RV Series Routers RV320
  • Cisco Sx220 switches
  • Cisco Sx300 switches
  • Cisco Sx500 switches
  • Cisco WAP4410N Wireless-N Access Point

  
  Voice and Unified Communications Devices
  

  • Cisco Agent Desktop
  • Cisco Packaged Contact Center Enterprise
  • Cisco SPA30X Series IP Phones
  • Cisco SPA50X Series IP Phones
  • Cisco SPA51X Series IP Phones
  • Cisco SPA8000 8-port IP Telephony Gateway
  • Cisco SPA8800 IP Telephony Gateway with 4 FXS and 4 FXO Ports

  
  Video, Streaming, TelePresence, and Transcoding Devices
  

  • Cisco D9865 Satellite Receiver
  • Cisco Enterprise Content Delivery System (ECDS)
  • Cisco Media Services Interface
  • Cisco TelePresence Content Server (TCS)
  • Cisco TelePresence EX Series
  • Cisco TelePresence ISDN GW 3241
  • Cisco TelePresence ISDN GW MSE 8321
  • Cisco TelePresence ISDN Link
  • Cisco TelePresence MCU (8510, 8420, 4200, 4500 and 5300)
  • Cisco TelePresence MX Series
  • Cisco TelePresence Profile Series
  • Cisco TelePresence SX Series
  • Cisco TelePresence Serial Gateway Series
  • Cisco TelePresence Supervisor MSE 8050
  • Cisco Telepresence Integrator C Series
  • Cisco Videoscape Conductor
  • Tandberg Codian ISDN GW 3210/3220/3240
  • Tandberg Codian MSE 8320 model

  
  Wireless
  

  • Cisco RF Gateway 1 (RFGW-1)
  • Cisco Small Business 121 Series Wireless Access Points
  • Cisco Small Business 321 Series Wireless Access Points
  • Cisco Small Business 500 Series Wireless Access Points
  • Cisco WAP371 wireless access point

  
  Cisco Hosted Services
  

  • Business Video Services Automation Software (BV)
  • Cisco Connected Analytics For Collaboration
  • Cisco SMB Market Place
  • Cisco SmartConnection
  • Cisco SmartReports
  • Cisco Universal Small Cell usc-iuh
  • IC Capture
  • Life Cycle Management Agent Manager (LCM)
  • MACD Process Controller (MPC)
  • One View
  • Sentinel
  • Web Element Manager

Details

• The vulnerability name and the associated Common Vulnerabilities and Exposures (CVE) ID for the February 16, 2016, GNU glibc disclosure are as follows:
  
  Glibc libresolv Library Stack-Based Buffer Overflow Vulnerability
  
  A vulnerability in the libresolv library included with glibc could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.
  
  The vulnerability is due to buffer mismanagement when the getaddrinfo function is used to perform dual A/AAAA DNS queries. In some circumstances, responses may be returned in a manner that causes the response to be written past the end of the allocated buffer. An attacker could exploit this vulnerability by sending a crafted DNS response to a targeted system. Successful exploitation could trigger a stack-based buffer overflow condition that the attacker could use to execute arbitrary code or cause a DoS condition.
  
  This vulnerability has been assigned CVE ID CVE-2015-7547.

Workarounds

• Any workarounds will be documented in the Cisco bugs, which are accessible through the Cisco Bug Search Tool.

Fixed Software

• Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:
   
  http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html
  
  Additionally, customers may only download software for which they have a valid license, procured from Cisco directly or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.
  
  When considering software upgrades, customers are advised to consult the Cisco Security Advisories and Responses archive at http://www.cisco.com/go/psirt and review subsequent advisories to determine exposure and a complete upgrade solution.
  
  In all cases, customers should ensure that the devices to upgrade contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
  

  Customers Without Service Contracts

  Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco Technical Assistance Center (TAC):
  
  http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
  
  Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.
  

Exploitation and Public Announcements

• The Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerability that is described in this advisory.

Source

• This vulnerability was publicly disclosed by Red Hat and Google on February 16, 2016.

URL

• http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-glibc

Revision History

• Version	Description	Section	Status	Date
  1.0	Initial public release	—	Interim	2016-February-18

  Show Less

Legal Disclaimer

• THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.

  A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.