Symptom
The openSSL libraries used in N1kv version 5.2(1)SV3(1.1) is affected by the following CVE's:
CVE-2014-3508
CVE-2014-3511
CVE-2014-3512
CVE-2014-5139
Conditions
Device with default configuration.
Workaround
no feature onep
no feature scp-server
no feature ssh
no feature vmtracker
Further Problem Description
Additional details about the vulnerabilities listed above can be found at http://cve.mitre.org/cve/cve.html
PSIRT Evaluation:
The Cisco PSIRT has assessed these vulnerabilities using the Base and Temporal CVSS scores from the National Vulnerability Database (NVD).
Details about the third-party software vulnerabilities listed above, as well as their CVSS score can be found at the following URL:
http://web.nvd.nist.gov/view/vuln/search
Additional information on Cisco's security vulnerability policy can be found at the following URL:
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
