Cisco published several security advisories and updates this week, most of which were classified medium severity. The most recent involves four OpenSSL vulnerabilities affecting multiple Cisco products.
The vulnerabilities were disclosed this week by the OpenSSL Project. They involve denial of service (DoS), memory leak, and cryptographic protection deficiencies.
A laundry list of Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities, the company says. They could allow an unauthenticated, remote attacker to cause a DoS condition.
Cisco says it is currently evaluating its product line to determine which products may be affected and the impact on each product. The company will release software updates that address the vulnerabilities, and says workarounds to mitigate them are not available.
Affected products will have bug fixes published here.
Cisco will update its security advisory on the condition as additional information becomes available. The company is not aware of any malicious use of the vulnerabilities.
More from Cisco Subnet:
Follow Jim Duffy on Twitter