
Cisco Ironport and heartbeat information disclosure - Vulnerability Note VU#720951

tbooher-lw
Level 1

Has there been any word from Cisco if Ironport software is vulnerable to this issue/bug?

http://www.kb.cert.org/vuls/id/720951

4 Replies

bikejunkie
Level 1

Looking for info as well.  Not sure how to check on the Ironport devices if OpenSSL is even used.  Please update this thread with information.  We have our security teams looking to know what the status is of the vulnerability.

Also, it is the Heartbleed vulnerability.  You can also see more information at www.heartbleed.com

 

Just making sure to update the thread, as requested.  I have also created the same information in the announcements at the top of the page:

As of Wednesday morning, April 9, we are pending an update from our PSIRT, which handles all vulnerability and security responses for all Cisco Products.

The official PSIRT information can be found at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
 
Please expand the Affected Products -> Vulnerable Products/Products Confirmed Not Vulnerable to view the latest product listings.  Our products, Email and Web Security (ESA, IEA, WSA, SMA), and/or AsyncOS, will be listed once they update this public facing information.

The Cisco PSIRT is investigating the impact of this vulnerability on Cisco products and will disclose any vulnerabilities according to our security policy, which is available at: 
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

For any and all inquiries regarding the vulnerability, please contact the Cisco PSIRT at psirt@cisco.com

At this time, please see the following information from our Security Intelligence Operations: 
http://tools.cisco.com/security/center/viewAlert.x?alertId=33695

Please note the updated announcement for our products:

As of Wednesday, April 9, Cisco Email and Web Security had been updated from our PSIRT, which handles all vulnerability and security responses for all Cisco products.

The official PSIRT information can be found at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
 
Please expand the Affected Products -> Products Confirmed Not Vulnerable to view the latest Cisco product listings.  Our products, Email and Web Security (ESA, IEA, WSA, SMA), are listed and updated in this public facing information.   

The Cisco PSIRT continues to investigate the impact of this vulnerability on Cisco products, and will disclose any vulnerabilities according to our security policy, which is available at: 
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

For any and all inquiries regarding this vulnerability and the public facing notification, please contact the Cisco PSIRT at psirt@cisco.com

Also, please see the following information released Tuesday, April 8, from our Security Intelligence Operations: 
http://tools.cisco.com/security/center/viewAlert.x?alertId=33695

Robert Sherwin
Cisco Employee

Yes, we are aware of this current vulnerability - and our PSIRT team is working to address this developing issue.

The Cisco PSIRT is investigating the impact of this vulnerability on Cisco products and will disclose any vulnerabilities according to our security policy, which is available at:
http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html

For any and all inquiries regarding the vulnerability, please contact the Cisco PSIRT at psirt@cisco.com

At this time, please see the following information from our Security Intelligence Operations:

http://tools.cisco.com/security/center/viewAlert.x?alertId=33695

-Robert