We have Cisci UCS blade servers B420 M3 serial : FCH1710J7JP
and the Fabric Interconnect : UCS-FI-6248UP
I need to know if those product are vulnerable for ShellShock
If they are vulnerable witch patch I need to install ?
3.0(1d) ==> ETA week of 10/13
2.2(3b) ==> released 10/9
2.2(2e) ==> ETA week of 10/13
2.2(1f) ==> ETA week of 10/13
2.1(3f) ==> ETA will be announced shortly
2.0(5g) ==> ETA will be announced shortly
All six CVEs, CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187 CVE-2014-6278, and CVE-2014-6277 have been fixed.
The 2.2(3b) release was published to CCO on 10/9. The other 2.2 release trains will be updated in the week of 10/13. The release schedule for the 2.0 and 2.1 release trains will be announced soon - release candidates are currently still in QA.
Yep, your Fabric Interconnect is, and there is no patch released yet.
Here is the bug: https://tools.cisco.com/bugsearch/bug/CSCur01379
The access to the FI Management Address has to be in a protected domain to block potential exploitation of the vulnerability.
Here is a link to the Security Advisory: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis...