The Shellshock bash bug is a critical security hole for all Unix, Linux and *nix based systems. Bash(Unix Shell) is a piece of Software released by Brian Fox in 1989 for the GNU Project.
The bug can affect you trough malicious requests sent to web servers or network devices.
A number of Cisco products use an affected version of the Bash shell.
Cisco made an official statement that meraki devices are not affected from the Shellshock and Heartbleed vulnerability. See detailed information at the official cisco website.
Cisco Meraki Shellshock
Cisco Meraki Heartbleed
There is a very simple test to check if you are vulnerable. Run the following lines in your default shell.
env x="() { :;} ; echo vulnerable" /bin/sh -c "echo stuff" env x="() { :;} ; echo vulnerable" 'which bash' -c "echo completed"
Network Application, Service, and Acceleration
- Cisco ACE Application Control Engine Module for the Cisco Catalyst 6500 [CSCur02931]
- Cisco ASA CX and Cisco Prime Security Manager [CSCur01959]
- Cisco Application Control Engine (ACE30/ ACE 4710) [CSCur02195]
- Cisco Application and Content Networking System (ACNS) [CSCur05564]
- Cisco Clean Access Manager [CSCur05566]
- Cisco DC Health Check [CSCur09963]
- Cisco GSS 4492R Global Site Selector [CSCur02747]
- Cisco NAC Appliance [CSCur03364]
- Cisco NAC Server [CSCur05575]
- Cisco NetAuthenticate [CSCur05632]
- Cisco Smart Call Home [CSCur05551]
- Cisco Smart Care [CSCur05638]
- Cisco Sourcefire Defense Center and Sensor Product – None
- Cisco Visual Quality Experience Server [CSCur06775]
- Cisco Visual Quality Experience Tools Server [CSCur06775]
- Cisco Wide Area Application Services (WAAS) [CSCur02917]
Network and Content Security Devices
- Cisco FireSIGHT [CSCur05199]
- Cisco Identity Services Engine (ISE) [CSCur00532]
- Cisco Intrusion Prevention System Solutions (IPS) [CSCur00552]
- Cisco IronPort Encryption Appliance [CSCur02831]
- Cisco NAC Guest Server [CSCur05629]
- Cisco Physical Access Gateway [CSCur05343]
- Cisco Physical Access Manager [CSCur05357]
- Cisco Secure Access Control Server (ACS) [CSCur00511]
Network Management and Provisioning
- Cisco Access Registrar Appliance
Cisco Prime Access Registrar Appliance [CSCur10557] - Cisco Digital Media Manager (DMM) [CSCur05123]
- Cisco Enterprise Content Delivery Service [CSCur02848]
- Cisco MXE Series [CSCur05088]
- Cisco Media Experience Engines (MXE) [CSCur05088]
- Cisco NetFlow Collection Agent [CSCur05232]
- Cisco Network Analysis Module [CSCur05225]
- Cisco Prime Collaboration Assurance [CSCur04820]
- Cisco Prime Collaboration Deployment [CSCur07766]
- Cisco Prime IP Express [CSCur05200]
- Cisco Prime Infrastructure [CSCur05228]
- Cisco Prime LAN Management Solution [CSCur05125]
- Cisco Prime License Manager [CSCur05098]
- Cisco Prime Network Registrar (CPNR) Jumpstart [CSCur05136]
- Cisco Prime Network Services Controller [CSCur05617]
- Cisco Prime Service Catalog Virtual Appliance [CSCur10723]
- Cisco Quantum SON Suite [CSCur05662]
- Cisco Quantum Virtualized Packet Core [CSCur05662]
- Cisco Show and Share (SnS) [CSCur05123]
- Cisco UCS Central [CSCur05093]
- Cisco Unified Intelligence Center (CUIC) [CSCur02891]
- Data Center Analytics Framework (DCAF) [CSCur09685]
- Digital Media Manager (DMM) [CSCur03217]
- Local Collector Appliance (LCA) [CSCur05780]
- Network Configuration and Change Management [CSCur05794]
- Network Performance Analytics (NPA) [CSCur05788]
- Prime Collaboration Provisioning [CSCur04871]
Routing and Switching – Enterprise and Service Provider
- Cisco ASR 5000 Series [CSCur05102]
- Cisco IOS-XE for ASR1k, ASR903, ISR4400, CSR1000v [CSCur02734]
- Cisco IOS-XE for Catalyst 3k, 4k, AIR-CT5760, and Cisco RF Gateway 10 (RFGW-10) [CSCur03368]
- Cisco MDS [CSCur01099]
- Cisco Nexus 1000 Virtual Supervisor Module (VSM) [CSCur04438]
- Cisco Nexus 1010 [CSCur04510]
- Cisco Nexus 3000 / 3500 [CSCur04934]
- Cisco Nexus 4000 [CSCur05610]
- Cisco Nexus 5000/6000 [CSCur05017]
- Cisco Nexus 7000 Series Switches [CSCur04856]
- Cisco Nexus 7000 [CSCuq98748]
- Cisco Nexus 9000 running NxOS [CSCur02700]
- Cisco Nexus 9000 [CSCur02102]
- Cisco OnePK All-in-One VM [CSCur04925]
- Cisco Service Control Engine 1010 [CSCur05021]
- Cisco Service Control Engine 8000 [CSCur05021]
- IOS-XR for Cisco Network Convergence System (NCS) 6000 [CSCur02177]
Unified Computing
- Cisco Standalone rack server CIMC [CSCur03816]
- Cisco UCS Director [CSCur02877]
- Cisco UCS Invicta Appliance [CSCur05026]
- Cisco UCS Manager [CSCur01379]
- Cisco USC Invicta Series Autosupport Portal [CSCur07304]
- Cisco USC Invicta Series [CSCur04651]
- Cisco Unified Computing System B-Series (Blade) Servers [CSCur05081]
- Cisco Virtual Security Gateway for Microsoft Hyper-V [CSCur05042]
- Cisco Virtualization Experience Client 6215 [CSCur05844]
Voice and Unified Communications Devices
- Cisco Business Edition 3000 (BE3k) [CSCur08462]
- Cisco Emergency Responder [CSCur05434]
- Cisco Finesse [CSCur02866]
- Cisco Hosted Collaboration Mediation Fulfillment [CSCur05477]
- Cisco IM and Presence Service (CUPS) [CSCur05454]
- Cisco IP Interoperability and Collaboration System (IPICS) [CSCur05245]
- Cisco MediaSense [CSCur02875]
- Cisco Paging Server (Informacast) [CSCur04834]
- Cisco SocialMiner [CSCur02880]
- Cisco Unified Communications Domain Manager [CSCur01180]
- Cisco Unified Communications Manager (CUCM) [CSCur00930]
- Cisco Unified Contact Center Express (UCCX) [CSCur02861]
- Cisco Unity Connection (UC) [CSCur05328]
Video, Streaming, TelePresence, and Transcoding Devices
- Cisco AutoBackup Server [CSCur09315]
- Cisco D9036 Modular Encoding Platform [CSCur04504]
- Cisco Digital Media Player (DMP) 4310 [CSCur05628]
- Cisco Download Server (DLS) (RH Based) [CSCur09318]
- Cisco Edge 300 Digital Media Player [CSCur02761]
- Cisco Edge 340 Digital Media Player [CSCur02751]
- Cisco Media Experience Engine (MXE) [CSCur04893]
- Cisco PowerVu D9190 Conditional Access Manager (PCAM) [CSCur05774]
- Cisco Show and Share [CSCur03539]
- Cisco StadiumVision Director [CSCur30139]
- Cisco StadiumVision Mobile Reporter [CSCur30167]
- Cisco StadiumVision Mobile Streamer [CSCur30155]
- Cisco TelePresence 1310 [CSCur05163]
- Cisco TelePresence Conductor [CSCur02103]
- Cisco TelePresence Exchange System (CTX) [CSCur05335]
- Cisco TelePresence ISDN Link [CSCur05025]
- Cisco TelePresence Manager (CTSMan) [CSCur05104]
- Cisco TelePresence Multipoint Switch (CTMS) [CSCur05344]
- Cisco TelePresence Recording Server (CTRS) [CSCur05038]
- Cisco TelePresence System 1000 [CSCur05163]
- Cisco TelePresence System 1100 [CSCur05163]
- Cisco TelePresence System 1300 [CSCur05163]
- Cisco TelePresence System 3000 Series [CSCur05163]
- Cisco TelePresence System 500-32 [CSCur05163]
- Cisco TelePresence System 500-37 [CSCur05163]
- Cisco TelePresence TE Software (for E20 – EoL) [CSCur05162]
- Cisco TelePresence TX 9000 Series [CSCur05163]
- Cisco TelePresence Video Communication Server (VCS/Expressway) [CSCur01461]
- Cisco TelePresence endpoints (C series, EX series, MX series, MXG2 series, SX series) and the 10″ touch panel [CSCur02591]
- Cisco VDS Service Broker [CSCur05679]
- Cisco Video Distribution Suite for Internet Streaming VDS-IS [CSCur05320]
- Cisco Video Surveillance Media Server [CSCur05423]
- Cisco Virtual PGW 2200 Softswitch [CSCur05847]
Cisco Hosted Services
- Cisco Cloud Services [CSCur05334]
- Cisco Intelligent Automation for Cloud [CSCur05134]
- Cisco Life Cycle Management (LCM) [CSCur05242]
- Cisco Proactive Network Operations Center [CSCur05856]
- Cisco Universal Small Cell CloudBase [CSCur05647]
- Cisco WebEx Node [CSCur10599]
- Web Element Manager [CSCur09009]
For more detailed information see original post from Cisco [cisco-sa-20140926-bash]