Solved: OpenSSL Heartbeat Extension Vulnerability for MXP Series

Ernie Tsang · ‎04-22-2014

In the list of Cisco products are currently under investigation, Tandberg 770/880/990 MXP Series are on the list. While in the list that products have been analyzed and are not affected by this vulnerability, it has mentioned that Cisco TelePresence MXP Series. It is quite confused...

Can I conclude it as: Except 770/880/990 MXP, all other MXP series are confirmed not affected by this vulnerability? Thanks a lot.

Wayne DeNardi · ‎04-22-2014

In the Advisory the Cisco TelePresence MXP Series are listed in the "Products Confirmed Not Vulnerable" section. I'm guessing as the others are listed as "Tandberg" products, not Cisco ones, they've been forgotten, or someone hasn't realised they're the same thing.

In a nutshell, they run a different operating system, and therefore don't run the affected versions of OpenSSL, so are not vulnerable.

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

Wayne

Please remember to mark helpful responses and to set your question as answered if appropriate.

View solution in original post

Wayne DeNardi · ‎04-22-2014

In the Advisory the Cisco TelePresence MXP Series are listed in the "Products Confirmed Not Vulnerable" section. I'm guessing as the others are listed as "Tandberg" products, not Cisco ones, they've been forgotten, or someone hasn't realised they're the same thing.

In a nutshell, they run a different operating system, and therefore don't run the affected versions of OpenSSL, so are not vulnerable.

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

Wayne

Please remember to mark helpful responses and to set your question as answered if appropriate.