First Published: July 30, 2020

Last Updated: November 27, 2023

Cisco UCS C-Series and S-Series Servers

Cisco UCS C-Series and S-Series Servers deliver unified computing in an industry-standard form factor to reduce total cost of ownership and increase agility. Each product addresses varying workload challenges through a balance of processing, memory, I/O, and internal storage resources.

About the Release Notes

This document describes the new features, system requirements, open caveats and known behaviors for C-Series and S-Series software release 4.1(2) including Cisco Integrated Management Controller (Cisco IMC) software and any related BIOS, firmware, or drivers. Use this document in conjunction with the documents listed in the Related Documentation section.


Note

We sometimes update the documentation after original publication. Therefore, you should also refer to the documentation on Cisco.com for any updates.

Revision History

Revision

Date

Description

K0

November 27, 2023

Created release notes for 4.1(2m).

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1
J0

April 27, 2023

Created release notes for 4.1(2l).

Following section was updated:

  • Resolved Caveats

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

I0

June 27, 2022

Created release notes for 4.1(2k).

Following section was updated:

  • Security Fixes

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

A1

June 2, 2022

Updated Open Caveats for 4.1(2a)

H0

May 10, 2022

Created release notes for 4.1(2j).

Following section was updated:

  • Security Fixes

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

F1

January 27, 2022

Updated Security Fixes for 4.1(2g).

G0

January 17, 2022

Created release notes for 4.1(2h).

Following sections are updated:

  • Resolved Caveats

  • New Software Features in Release 4.1

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

F0

September 16, 2021

Created release notes for 4.1(2g).

Following sections are updated:

  • Resolved Caveats

  • New Software Features in Release 4.1

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

B2

July 22, 2021

Updated Known Behaviors and Limitations section for 4.1(2b).

E1

March 30, 2021

Updated Resolved Caveats for 4.1(2f).

E0

February 16, 2021

Created release notes for 4.1(2f).

Following sections are updated:

  • Resolved Caveats

  • Security Fixes

  • New Software Features in Release 4.1

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

D1

February 01, 2021

Added Downgrade Limitation for Cisco UCS C125 M5 Servers.

D0

January 19, 2021

Created release notes for 4.1(2e).

Following sections are updated:

  • New Software Features in Release 4.1

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

C0

December 01, 2020

Created release notes for 4.1(2d).

Following sections are updated:

  • New Software Features in Release 4.1

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

B1

October 29, 2020

 Updated Open Caveats for 4.1(2b).

B0

October 21, 2020

Created release notes for 4.1(2b).

Following sections are updated:

  • Deprecation Notice

  • Open Caveats

  • Resolved Caveats

  • New Software Features in Release 4.1

  • New Hardware Features in Release 4.1

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

A0

July 30, 2020

Created release notes for 4.1(2a).

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1

Deprecation Notice

The 56-bit symmetric block cipher Data Encryption Standard (DES), used for secure communication of SNMP v3 notifications to the NMS (Network Monitoring System) of the user, is no longer considered sufficiently secure and does not meet the security baseline for UCS products. Therefore, DES will be deprecated as a configurable option (privacy type) for SNMP v3 users in future releases of Cisco IMC Software, starting with the upcoming 4.1(3) version release. However, DES will continue to be made available as a configurable encryption option (privacy type) for SNMP v3 users running previous Cisco IMC Software versions.

Supported Platforms and Release Compatibility Matrix

Supported Platforms in this Release

The following Cisco UCS servers are supported in this release:

  • UCS C125 M5

  • UCS C220 M5

  • UCS C240 SD M5

  • UCS C240 M5

  • UCS C480 M5

  • UCS C480 ML M5

  • UCS S3260 M5

  • UCS C220 M4

  • UCS C240 M4

  • UCS C460 M4

  • UCS S3260 M4

For information about these servers, see Overview of Servers.

Cisco IMC and Cisco UCS Manager Release Compatibility Matrix

Cisco UCS C-Series and S-Series Rack-Mount Servers are managed by built-in standalone software —Cisco IMC. However, when a Rack-Mount Server is integrated with Cisco UCS Manager, the Cisco IMC does not manage the server anymore.

The following table lists the supported platforms, Cisco IMC releases, and Cisco UCS Manager releases for Rack-Mount Servers:

Table 1. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.1(2) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.1(2m)

No Support

Cisco UCS C220 M4, C240 M4 and C460 M4 servers.

4.1(2l)

No Support

Cisco UCS C220 M4 and C240 M4 servers.

4.1(2k)

No Support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers

4.1(2j)

No Support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers

4.1(2h)

No Support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers

4.1(2g)

No Support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers

4.1(2f)

4.1(2c)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(2e)

No Support

Cisco UCS C125 M5 servers

4.1(2d)

No Support

Cisco UCS C240 M5 and C240 SD M5 servers

4.1(2b)

4.1(2b)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(2a)

4.1(2a)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

Table 2. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.1(1) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.1(1h)

4.1(1e)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(1g)

4.1(1d)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(1f)

4.1(1c)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(1d)

4.1(1b)

Cisco UCS C220 M5, C240 M5, C480 M5, and C480 ML M5 servers

4.1(1c)

4.1(1a)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers
Table 3. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.0(4) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.0(4n)

4.0(4l)

Cisco UCS C220 M5, C240 M5, C480 M5, and S3260 M5 servers

4.0(4m)

4.0(4j)

Cisco UCS C220 M5, C240 M5, C480 M5, and S3260 M5 servers

4.0(4l)

4.0(4i)

Cisco UCS C220 M5, C240 M5, C480 M5, and S3260 M5 servers

4.0(4k)

4.0(4h)

Cisco UCS C220 M5, C240 M5, and S3260 M5 servers

4.0(4j)

No Support

Cisco UCS S3260 M5 servers

4.0(4i)

4.0(4g)

Cisco UCS C220 M5, C240 M5, C480 M5 and S3260 M5 servers

4.0(4h)

4.0(4e)

Cisco UCS C220 M5, C240 M5, C480 M5 and S3260 M5 servers

4.0(4f)

4.0(4d)

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M5 and C480 ML M5 servers

4.0(4e)

4.0(4c)

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M5 and C480 ML M5 servers

4.0(4d)

No Support

Cisco UCS C220 M5, C240 M5, C480 M5 and S3260 M5 servers

4.0(4b)

4.0(4a)

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M5 and C480 ML M5 servers
Table 4. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.0(3) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.0(3b)

4.0(3a)

Cisco UCS C220 M5 and C240 M5 servers
Table 5. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.0(2) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.0(2r)

 No support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers.

4.0(2q)

4.0(4l)

Cisco UCS C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.0(2p)

No support.

Cisco UCS C125 M5 servers

4.0(2o)

4.0(4j)

Cisco UCS C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.0(2n)

No support.

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.0(2m)

No support.

Cisco UCS S3260 M4 and M5 servers

4.0(2l)

No support.

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.0(2k)

No support.

Cisco UCS S3260 M4 and M5 servers

4.0(2i)

No support.

Cisco UCS C460 M4, S3260 M4, and S3260 M5 servers

4.0(2h)

4.0(2e)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.0(2f)

4.0(2d)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.0(2d)

4.0(2b)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.0(2c)

4.0(2a)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers
Table 6. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.0(1) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.0(1h)

No support.

Cisco UCS C220 M4, C240 M4, C460 M4, C220 M5, C240 M5, C480 M5 servers and C125 M5

4.0(1g)

No support.

Cisco UCS C220 M4, C240 M4, C460 M4, C220 M5, C480 M5 servers and C125 M5

4.0(1e)

No support.

Cisco UCS M4, M5 servers and C125 M5

4.0(1d)

4.0(1d)

Cisco UCS M4, M5 servers and C125 M5

4.0(1c)

4.0(1c)

Cisco UCS M4, M5 servers and C125 M5

4.0(1b)

4.0(1b)

Cisco UCS M4, M5 servers and C125 M5

4.0(1a)

4.0(1a)

Cisco UCS M4, M5 servers and C125 M5
Table 7. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 3.1(3) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

3.1(3k)

3.2(3p)

Cisco UCS C480 M5, C220 M5, C240 M5, and S3260 M5 servers

3.1(3j)

No Support

Note

 

We support discovery and upgrade or downgrade functions with Cisco UCS Manager.

Cisco UCS C480 M5, C220 M5, C240 M5, and S3260 M5 servers

3.1(3i)

3.2(3i)

Cisco UCS C480 M5, C220 M5, C240 M5, and S3260 M5 servers

3.1(3h)

3.2(3h)

Cisco UCS C480 M5, C220 M5, C240 M5, and S3260 M5 servers

3.1(3g)

3.2(3g)

Cisco UCS C480 M5, C220 M5, C240 M5, and S3260 M5 servers

3.1(3d)

3.2(3e)

Cisco UCS C480 M5, C220 M5, C240 M5, and S3260 M5 servers

3.1(3c)

3.2(3d)

Cisco UCS C480 M5, C220 M5, C240 M5, and S3260 M5 servers

3.1(3b)

3.2(3b)

Cisco UCS C480 M5, C220 M5, and C240 M5 servers

3.1(3a)

3.2(3a)

Cisco UCS C480 M5, C220 M5, C240 M5, and S3260 M5 servers
Table 8. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 3.1(2) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

3.1(2d)

3.2(2d)

Cisco UCS C480 M5, C220 M5, and C240 M5

3.1(2c)

3.2(2c)

Cisco UCS C480 M5, C220 M5, and C240 M5

3.1(2b)

3.2(2b)

Cisco UCS C480 M5, C220 M5, and C240 M5

Table 9. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 3.1(1) Release

C-Series Standalone Release

Cisco UCS Manager Release

C-Series Servers

3.1(1d)

3.2(1d)

Cisco UCS C220 M5/C2540 M5

Table 10. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 3.0(4) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack-Mount Servers

3.0(4s)

No support

Cisco UCS C220 M3, C240 M3, C3160 M3, S3260 M4

3.0(4r)

No support

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4q)

No support

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4p)

3.2(3o)

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4o)

No support

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4n)

No support.

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4m)

No support.

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4l)

No support.

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4k)

No support.

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4j)

3.1(3k)

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4i)

3.1(3j)

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4e)

No support

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4d)

3.1(3h)

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3

3.0(4a)

3.1(3f)

Cisco UCS C220 M4, C240 M4, C460 M4, S3260 M4, C22 M3, C24 M3, C220 M3, C240 M3, C3160 M3, S3260 M3
Table 11. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 3.0(3) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack-Mount Servers

3.0(3f)

-

Cisco UCS C240 M4, and C220 M4

3.0(3e)

3.0(3e)

Cisco UCS C22 M3, C24 M3, C220 M3, C240 M3, C220 M4, C240 M4, C460 M4, C3160 M3, S3260 M4 and S3260 M3 servers

3.0(3c)

3.0(3c)

Cisco UCS C240 M4, and C220 M4

3.0(3b)

3.0(3b)

Cisco UCS S3260 M3, C3160 M3, C460 M4, C240 M4, and C220 M4

3.0(3a)

3.1(3a)

Cisco UCS C22 M3, C24 M3, C220 M3, C240 M3, C220 M4, C240 M4, C460 M4, C3160 M3, S3260 M4 and S3260 M3 servers
Table 12. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 3.0(2) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack-Mount Servers

3.0(2b)

No Support

Note

 

We support discovery and upgrade or downgrade functions with Cisco UCS Manager.

C220 M4/C240 M4 only

Table 13. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 3.0(1) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack-Mount Servers

3.0(1d)

No Support

Note

 

We support discovery and upgrade or downgrade functions with Cisco UCS Manager.

All M3/M4 except C420 M3

3.0(1c)

No Support

All M3/M4 except C420 M3

Cisco IMC Release

UCS Manager Release

Rack Mount Servers

2.0(13e)

3.1(2b)

All M3/M4 except C420 M3

2.0(10b)

3.1(1g)

C220 M4/C240 M4 only

2.0(9c)

3.1(1e)

All other M3/M4

2.0(9f)

2.2(7b)

For all other M3/M4

2.0(10b)

2.2(7b)

C220 M4/C240 M4 only

1.5(9d)

2.2(7b)

C420-M3, C260-M2, C460-M2 only

1.5(9d)

2.2(8f)

C420-M3, C260-M2, C460-M2 only

2.0(9c)

2.2(8f)

For all other M3/M4

2.0(10b)

2.2(8f)

C220 M4/C240 M4 only

2.0(12b)

2.2(8f)

C460 M4 only

1.5(8a)

2.2(6g)

C420 M3, C260 M2, C460 M2 only

2.0(8d)

2.2(6c)

For all other M3/M4

1.5(7f)

2.2(5b)

C420 M3, C260 M2, C460 M2 only

2.0(6d)

2.2(5a)

For all other M3/M4

1.5(7a)2

2.2(4b)

C420 M3, C260 M2, C460 M2 only

2.0(4c)

2.2(4b)

For all other M3/M4

1.5(7c)1

2.2(3b)

C420 M3, C260 M2, C460 M2 only

2.0(3d)1

2.2(3a)

For all other M3/M4

Operating System and Browser Requirements

For detailed information about supported Operating System, see the interactive UCS Hardware and Software Compatibility matrix.

Cisco recommends the following browsers for Cisco UCS Rack Server Software, Release 4.1(2):

  • Microsoft Edge 87.0.664.47 or higher (64-bit)

  • Google Chrome Version 87.0.4280.66 or higher (64-bit)

  • Microsoft Internet Explorer 11.0.9600 or higher

  • Mozilla Firefox 66.0.2 or higher (64-bit)

  • Safari 14.0.1 or higher


Note

If the management client is launched using an unsupported browser, check the help information from the For best results use supported browsers option available in the login window for the supported browser versions.

Transport Layer Security (TLS) version 1.2.

Hardware and Software Interoperability

For detailed information about storage switch, operating system and adapter, see the Hardware and Software Interoperability Matrix for your release located at:

http://www.cisco.com/en/US/products/ps10477/prod_technical_reference_list.html


Note

Connectivity is tested between the server and the first connected device. Further connections, such as to storage arrays after a switch are not listed in the Cisco UCS Hardware Compatibility List though they may be highlighted in the vendor support matrix for those devices.

For details about transceivers and cables that are supported on VIC cards, see the Transceiver Modules Compatibility Matrix

You can also see the VIC data sheets for more compatibility information: Cisco UCS Virtual Interface Card Data Sheets

Upgrade Paths to Release 4.1

The section provides information on the upgrade paths to release 4.1.


Important

While upgrading Cisco UCS C220 M5, C240 M5 or C480 M5 servers to release 4.1 under the following conditions:

  • if you are upgrading from any release earlier than 4.0(4)

  • if Legacy Boot Mode is enabled and no Cisco IMC Boot Order is configured

  • and, if the server is booting from Cisco HWRAID adapter

then, you should perform one of the following before upgrading:

Refer to the table for upgrade paths for various Cisco UCS C-series IMC versions.

Table 14. Upgrade Paths to Release 4.1

Upgrade From Release

Upgrade To Release

Recommended Upgrade Path

All M4 and M5 Servers from 4.0

 4.1

Follow below upgrade path:

  • You can use Interactive HUU or Non-Interactive HUU (NIHUU) script to update the server.

  • While updating the firmware using the NIHUU tool, use the Python scripts that are released with version 4.1(2a).

  • Use OpenSSL 1.0.1e-fips on the client side (where the NIHUU python scripts are running).

  • Download HUU iso from here.

  • Download NIHUU script from here.

All M5 Servers from 3.1

 4.1

Follow below upgrade path:

  • You can use Interactive HUU or NIHUU script to update the server.

  • While updating the firmware using the NIHUU tool, use the Python scripts that are released with version 4.1(2a).

  • Use OpenSSL 1.0.1e-fips on the client side (where the NIHUU python scripts are running).

  • Download HUU iso from here.

  • Download NIHUU script from here.

For all M4 servers for releases greater than 3.0(3a)

4.1

Follow these steps to upgrade from releases greater than 3.0(3a) to 4.1(2a):

  • You can use Interactive HUU or NIHUU script to update the server.

  • While updating the firmware using the NIHUU tool, use the Python scripts that are released with version 4.1(2a).

  • Use OpenSSL 1.0.1e-fips on the client side (where the NIHUU python scripts are running).

  • If you wish to secure Cimc Boot, set flag use_cimc_secure as yes in multiserver_config file present with python script.

  • Download HUU iso from here.

  • Download NIHUU script from here.

For all M4 servers for release lesser than 3.0(3a) except C460 M4

For C460 M4 servers for release 2.0(4c) to 3.0(3a)

4.1

Follow these steps to upgrade from releases less than 3.0(3a) to 4.1(2a):

Upgrade from version less than 3.0(3a) to 3.0(3a)

  • You can use Interactive HUU or NIHUU script to update the server.

  • While updating the firmware using the Non-Interactive HUU (NIHUU) tool, use the Python scripts that are released with version 3.0(3a).

  • Use OpenSSL 1.0.1e-fips on the client side (where the NIHUU python scripts are running).

  • Download HUU iso from here.

  • Download NIHUU script from here.

Upgrade from 3.0(3a) to 4.1

  • You can use Interactive HUU or NIHUU script to update the server.

  • While updating the firmware using the NIHUU tool, use the Python scripts that are released with version 4.1(2a).

  • Use OpenSSL 1.0.1e-fips on the client side (where the NIHUU python scripts are running).

  • If you wish to secure Cimc Boot, set flag use_cimc_secure as yes in multiserver_config file present with python script.

  • Download HUU iso from here.

  • Download NIHUU script from here.

For C460 M4 servers for release lesser than 2.0(4c)

4.1

Follow these steps to upgrade from releases less than 2.0(4c) to 4.1(2a):

Upgrade from version less than 2.0(4c) to 2.0(4c)

  • You can use Interactive HUU or NIHUU script to update the server.

  • While updating the firmware using the NIHUU tool, use the Python scripts that are released with version 2.0(4c).

  • Use OpenSSL 1.0.0-fips on the client side (where the NIHUU python scripts are running).

  • If you wish to secure Cimc Boot, set flag use_cimc_secure as yes in multiserver_config file present with python script.

  • Download HUU iso from here.

  • Download NIHUU script from here.

Upgrade from 2.0(4c) to 3.0(3a)

  • You can use Interactive HUU or NIHUU script to update the server.

  • While updating the firmware using the NIHUU tool, use the Python scripts that are released with version 3.0(3a).

  • Use OpenSSL 1.0.1e-fips on the client side (where the NIHUU python scripts are running).

  • If you wish to secure Cimc Boot, set flag use_cimc_secure as yes in multiserver_config file present with python script.

  • Download HUU iso from here.

  • Download NIHUU script from here.

Upgrade from 3.0(3a) to 4.1

  • You can use Interactive HUU or NIHUU script to update the server.

  • While updating the firmware using the NIHUU tool, use the Python scripts that are released with version 4.1(2a).

  • Use OpenSSL 1.0.1e-fips on the client side (where the NIHUU python scripts are running).

  • If you wish to secure Cimc Boot, set flag use_cimc_secure as yes in multiserver_config file present with python script.

  • Download HUU iso from here.

  • Download NIHUU script from here.

Firmware Upgrade Details

Firmware Files

For details of Unified Computing System (UCS) Server Firmware, drivers, and utilities for release 4.1(2), seeCisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1.


Note

Always upgrade the BIOS, the Cisco IMC and CMC from the HUU ISO. Do not upgrade individual components (only BIOS or only Cisco IMC), since this could lead to unexpected behavior. If you choose to upgrade BIOS, and the Cisco IMC individually and not from the HUU ISO, make sure to upgrade both Cisco IMC, and BIOS to the same container release. If the BIOS and the Cisco IMC versions are from different container releases, it could result in unexpected behavior. Cisco recommends that you use the Update All option from the Host Upgrade Utility to update the firmware versions of Cisco IMC, BIOS, and all other server components (VIC, RAID Controllers, PCI devices, and LOM) together.

Host Upgrade Utility

The Cisco Host Upgrade Utility (HUU) is a tool that upgrades the Cisco UCS C-Series firmware.

The image file for the firmware is embedded in the ISO. The utility displays a menu that allows you to choose which firmware components to upgrade. For more information on this utility, see http://www.cisco.com/en/US/products/ps10493/products_user_guide_list.html.

For details of firmware files in Cisco Host Upgrade Utility for individual releases, see Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.1.

Updating the Firmware

Use the Host Upgrade Utility to upgrade the C-Series firmware. Host Upgrade Utility can upgrade the following software components:

  • BIOS

  • Cisco IMC

  • CMC

  • Cisco VIC Adapters

  • LSI Adapters

  • LAN on Motherboard

  • PCIe adapter firmware

  • HDD firmware

  • SAS Expander firmware

  • DCPMM Memory

All firmware should be upgraded together to ensure proper operation of your server.


Note

We recommend that you use the select all and Update or Update & Activate All option from the Host Upgrade Utility to update the firmware versions of Cisco IMC, BIOS and all other server components (VIC, RAID Controllers, PCI devices, and LOM) together. Click Exit once you deploy the firmware.

For more information on how to upgrade the firmware using the utility, see:

http://www.cisco.com/c/en/us/support/servers-unified-computing/ucs-c-series-rack-servers/products-user-guide-list.html

Downgrade Limitation

Downgrade Limitation for Cisco UCS C125 M5 Servers

Release 4.1(2e) introduces AMD Platform Secure Boot (PSB) in Cisco UCS C125 M5 servers that implements hardware-rooted boot integrity. Once you upgrade to release 4.1(2e) or later, you cannot:

  • downgrade Cisco UCS C125 M5 Rack Server Node based on 2nd Gen AMD EPYC 7002 Series Processors (Rome) to any release earlier than 4.1(2e).

  • downgrade Cisco UCS C125 M5 Rack Server Node based on AMD EPYC 7001 (Naples) to any release earlier than 4.0(2p).

New Software Features in Release 4.1

New Software Features in Release 4.1(2l)

There are no new software features introduced for this release.

New Software Features in Release 4.1(2e)

The following new software features are supported in Release 4.1(2e):

  • Release 4.1(2e) introduces AMD Platform Secure Boot (PSB) in Cisco UCS C125 M5 servers that implements hardware-rooted boot integrity. PSB ensures the integrity and authenticity of ROM image by using the root of trust integrated in the hardware.

New Software Features in Release 4.1(2b)

The following new software features are supported in Release 4.1(2b):

New Software Features in Release 4.1(2a)

The following new software features are supported in Release 4.1(2a):

  • Geneve Offload—Beginning with release 4.1(2a), Cisco IMC supports Generic Network Virtualization Encapsulation (Geneve) Offload feature with Cisco VIC 14xx series adapters.

  • Secure LDAP—Beginning with release 4.1(2a), users have an option to enable Secure LDAP separately. If Secure LDAP is enabled, it is mandatory to upload the LDAP Server CA certificate. Cisco IMC GUI enables you to upload the LDAP Server CA certificate while enabling Secure LDAP.

  • Admin FEC Mode no longer supports Auto mode. Default value is set to cl91. For more information on how to set the Admin FEC mode for your card, see Configuring Network Adapter Properties section in Cisco UCS C-Series Integrated Management Controller GUI Configuration Guide, Release 4.1 or Cisco UCS C-Series Servers Integrated Management Controller CLI Configuration Guide, Release 4.1 .

  • Following BIOS tokens have been added depending on the type of server:

    BIOS Token

    Supported Servers

    PCIe PLL SSC

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, and C125 M5 servers

    External SSC enable

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, and C125 M5 servers

    PCIe Slot MSTOR RAID OptionROM

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and C125 M5 servers

    Uncore Frequency Scaling

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and S3260 M5 servers.

    Configurable TDP Level

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and S3260 M5 servers.

    UPI Link Frequency Select

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and S3260 M5 servers

    CR QoS

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and S3260 M5 servers

    Snoopy mode for AD

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and S3260 M5 servers

    CR FastGo Config

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and S3260 M5 servers

    NVM Performance Setting

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and S3260 M5 servers

    Snoopy mode for 2LM

    Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, and S3260 M5 servers

  • Support for External Certificate and Private key import: Release 4.1(2a) onwards, you can choose to upload an external certificate along with an external private key, in addition to a server certificate. Unlike a server certificate, you could upload and use the same external certificate and key pair for multiple Cisco IMC servers.

  • Support for Public Key-based Authentication: In this release, Cisco IMC provides SSH Public key-based authentication in addition to password authentication. SSH keys are a set of public and private key pair, which you can use for authentication. Public key-based authentication provides enhanced security over password-based authentication.

  • Cisco IMC GUI reports unsupported PSU fault error. The PSU fault error is F2013 - fltEquipmentPsuUnsupported. This feature is supported in Cisco UCS C220 M5, C240 M5 and C480 M5 servers.

  • Dual Enclosure Support: Cisco IMC CLI allows you to enable dual enclosure in storage controllers. This feature is supported only on the server nodes having UCS S3260 12G Dual Pass-Through Controller (UCS-S3260-DHBA). Using this feature, you can select a SAS expander in the Dynamic Storage tab and enable dual enclosure support on the SAS expander, based on your requirements.


    Note

    You can enable dual enclosure support only in Cisco IMC CLI.

  • Support for NVMe over Fabrics (NVMeoF) using IPv4 or IPv6 RDMA over Converged Ethernet version 2 (RoCEv2) is supported on Red Hat Enterprise Linux 7.7 with Linux Z-Kernel-3.10.0-1062.9.1.el7.x86_64.

  • Support for RoCEv2 protocol for Windows 2019 NDKPI mode 1 and mode 2, with both IPV4 and IPV6.

New Hardware Features in Release 4.1

New Hardware Support in Release 4.1(2l)

There are no new hardware introduced for this release.

New Hardware Support in Release 4.1(2b)

The following new hardware are supported in Release 4.1(2b):

  • Cisco UCSC-RAID-M5: Broadcom 12G Modular RAID controller with 2GB cache support on C240 M5 SD servers

  • Following adapter cards are supported in Cisco UCS C125 M5 Rack Server Node based on 2nd Gen AMD EPYC 7002 Series Processors:

    • Mellanox CX-5 MCX516A-CDAT 2x100GbE QSFP PCIe NIC (UCSC-P-M5D100GF)

    • Mellanox MCX512A-ACAT dual port 10/25G SFP28 NIC (UCSC-P-M5D25GF)

  • 3200 Mhz DIMM support from BIOS in Cisco UCS C125 M5 Rack Server Node based on 2nd Gen AMD EPYC 7002 Series Processors.

  • Intel i350 Quad Port 1Gb Adapter support in Cisco UCS C240 SD M5 server.

  • NVIDIA Mellanox MCX653106A-HDAT (with 55m cable) support in Cisco UCS C480 ML M5 server.

  • Intel® FPGA Programmable Acceleration N3000 PCIe Adapter support on Cisco UCS C240 SD M5 servers.

  • Cisco-Intel 8970 QAT Offload PCIe Adapter (UCSC-P-IQAT8970) support on Cisco UCS C220 M5, C240 M5, and C480 M5 servers.

New Hardware Support in Release 4.1(2a)

The following new hardware are supported in Release 4.1(2a):

  • Cisco UCS C240 SD M5 Server—is a two-socket C-Series 2U chassis designed to operate both in standalone and UCS environments. It serves the edge computing market that uses standard x86 based 19" rack servers.

  • Cisco IMC support for Cisco UCS C125 M5 Rack Server Node based on 2nd Gen AMD EPYC 7002 Series Processors

  • Nvidia QUADRO RTX 8000, PASSIVE, 250W TGP, 48GB (UCSC-GPU-RTX8000) support on Cisco UCS C240 M5 SFF variant servers

  • Nvidia QUADRO RTX 6000, PASSIVE, 250W TGP, 24GB (UCSC-GPU-RTX6000) support on Cisco UCS C240 M5 SFF variant servers

  • Cisco Boot optimized M.2 RAID controller support on Cisco UCS C125 servers.

  • Cisco 9400-8i 12G SAS HBA support on Cisco UCS C125 servers with 2nd Gen AMD EPYC 7002 Series Processors

  • Mellanox ConnectX-5 MCX516A-CDAT dual port 100GbE QSFP28 NIC support on Cisco UCS S3260 M5 servers with UCS-S3260-PCISIOC SIOC

  • Intel® FPGA Programmable Acceleration N3000 PCIe Adapter support on Cisco UCS C240 SD M5 servers.

  • Cisco-Intel 8970 QAT Offload PCIe Adapter (UCSC-P-IQAT8970) support on Cisco UCS C220 M5, C240 M5, and C480 M5 servers.

Security Fixes

Security Fixes in Release 4.1(2m)

The following Security Fixes were added in Release 4.1(2m):

Defect ID - CSCwe96259

Cisco UCS C-Series Rack Servers are affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID(s):

  • CVE-2023-20228—A vulnerability in the web-based management interface of Cisco IMC could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information.

Defect ID - CSCwf98321

Cisco UCS C-Series M4 Rack Servers are affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID(s):

  • CVE-2022-38083—Improper initialization in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure through local access.

  • CVE-2022-43505—Insufficient control flow management in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service through local access.

Security Fixes in Release 4.1(2k)

The following Security Fixes were added in Release 4.1(2k):

Defect ID - CSCwb67158

Cisco UCS M4 servers (excluding Cisco UCS C460 M4) are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2021-0153—Out-of-bounds write in the BIOS firmware for some Intel(R) Processors might allow a privileged user to enable escalation of privilege through local access.

  • CVE-2021-0154—Improper input validation in the BIOS firmware for some Intel(R) Processors might allow a privileged user to enable aescalation of privilege through local access.

  • CVE-2021-0155—Unchecked return value in the BIOS firmware for some Intel(R) Processors might allow a privileged user to enable information disclosure through local access.

  • CVE-2021-0190—Uncaught exception in the BIOS firmware for some Intel(R) Processors might allow a privileged user to enable escalation of privilege through local access.

  • CVE-2021-33123—Improper access control in the BIOS authenticated code module for some Intel(R) Processors might allow a privileged user to enable escalation of privilege through local access.

  • CVE-2021-33124—Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors might allow a privileged user to enable escalation of privilege through local access.

Defect ID - CSCwb67157

Cisco UCS C460 M4 servers are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2021-0154—Improper input validation in the BIOS firmware for some Intel(R) Processors might allow a privileged user to enable aescalation of privilege through local access.

  • CVE-2021-0155—Unchecked return value in the BIOS firmware for some Intel(R) Processors might allow a privileged user to enable information disclosure through local access.

  • CVE-2021-0189—Uncaught exception in the BIOS firmware for some Intel(R) Processors might allow a privileged user to enable escalation of privilege through local access.

  • CVE-2021-33123—Improper access control in the BIOS authenticated code module for some Intel(R) Processors might allow a privileged user to enable escalation of privilege through local access.

  • CVE-2021-33124—Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors might allow a privileged user to enable escalation of privilege through local access.

Security Fixes in Release 4.1(2j)

The following Security Fix was added in Release 4.1(2j):

Defect ID - CSCvz48566

Cisco UCS C220 M4, M5 and M6 servers are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2021-3712—ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure, which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own d2i functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure.

    However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the data field, then a read buffer overrun can occur.

    The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions.

    An attacker can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext).

This release includes SSL revisions for Cisco UCS M4, M5 and M6 rack servers. These revisions include update for rack servers, which is a required part of the mitigation for these vulnerabilities.

Security Fixes in Release 4.1(2g)

The following Security Fixes were added in Release 4.1(2g):

Defect ID - CSCvy91321

Cisco Integrated Management Controller (IMC) Software are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2021-34736—A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an unauthenticated, remote attacker to cause the web-based management interface to unexpectedly restart.

    The vulnerability is due to insufficient input validation on the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to cause the interface to restart, resulting in a denial of service (DoS) condition.

    Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Security Fixes in Release 4.1(2f)

The following Security Fixes were added in Release 4.1(2f):

Defect ID - CSCvw07430

Cisco UCS C-Series and S-Series M4 servers (except Cisco UCS C460 M4 servers), based on Intel® Processors are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2020-0591—Improper buffer restrictions in BIOS firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege through local access.

  • CVE-2020-0592—Out of bounds write in BIOS firmware for some Intel® Processors may allow an authenticated user to potentially enable escalation of privilege and/or denial of service through local access.

  • CVE-2020-8740—Out of bounds write in Intel BIOS platform sample code for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege through local access.

  • CVE-2020-8738—Improper conditions check in Intel® BIOS platform sample code for some Intel® Processors before may allow a privileged user to potentially enable escalation of privilege through local access.

  • CVE-2020-8764—Improper access control in BIOS firmware for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege through local access.

Software Utilities

The following standard utilities are available:

  • Host Update Utility (HUU)

  • BIOS and Cisco IMC Firmware Update utilities

  • Server Configuration Utility (SCU)

  • Server Diagnostic Utility (SDU)

The utilities features are as follows:

  • Availability of HUU, SCU on the USB as bootable images. The USB also contains driver ISO, and can be accessed from the host operating system.

Resolved Caveats

Resolved Caveats in 4.1(2l)

The following caveat was resolved in Release 4.1(2l):

Table 15. BMC

Defect ID

Symptom

First Release Affected

Resolve in Release

CSCwe90563

Detailed audit logs are not captured for few user or password related operations, such as, failed login attempts, modifying user attributes.

This issue is now resolved.

 4.1(2k)

4.1(2l)

Resolved Caveats in 4.1(2h)

The following caveats were resolved in Release 4.1(2h):
Table 16. BMC Storage

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCwa32040

In Cisco UCS C-Series M4 rack servers, after enabling encryption through HX Connect, HX Connect shows status as Partially Encrypted, whereas Cisco UCS Manager and HX CLI display encryption enabled as expected.

This issue is now resolved.

4.1(2b)

4.1(2h)

Resolved Caveats in 4.1(2g)

The following caveats were resolved in Release 4.1(2g):
Table 17. BMC

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCvz33909

Cisco IMC is not reachable on BE7K after upgrading to release 4.1(2f) in Cisco UCS C240 M4 servers.

This issue is now resolved.

4.1(2f)

4.1(2g)

CSCvz24748

In Cisco UCS C-Series servers, the Cisco IMC management interface sometimes becomes unresponsive to ICMP, HTTPs, SSH due to memory leak, thus failing operations such as LED locator, CIMC reset, Discovery.

This issue is now resolved.

4.1(2f)

4.1(2g)

CSCvz04644

TLS static Cipher is now disabled by default for Cisco UCS C220 M4, C240 M4, and C460 M4 servers.

If you wish to enable this feature, see Enabling TLS Static Cipher procedure in Cisco UCS C-Series Servers Integrated Management Controller CLI Configuration Guide, Release 4.1.

4.1(2f)

4.1(2g)

Resolved Caveats in 4.1(2f)

The following caveats were resolved in Release 4.1(2f):

Table 18. BIOS

Defect ID

Symptom

First Affected Release

Resolved in Release

CSCvw49192

After upgrading to release 4.1(2b), some system configurations may be unable to perform power characterization resulting in a POST failure. System freezes at Loading PTU driver screen. CATERR is also logged in the SEL.

This issue is now resolved.

4.1(2b)

4.1(2f)
Table 19. BMC

Defect ID

Symptom

First Affected Release

Resolved in Release

CSCvv97789

Cisco UCS M4 servers fail to accept the default admin password in F8 boot utility under the following conditions:

  • servers are running release 4.1(1c) or 4.1(2a)

  • servers are reset to factory default settings for any reason

Due to this, you cannot use the F8 configuration utility.

This issue is now resolved.

4.1(2a)

4.1(2f)

CSCvi46928

Cisco IMC reboots without any reason in Cisco UCS C480 servers. Cisco IMC logs do not show any error or Out of Memory issues.

This issue is now resolved.

3.1(2b)

4.1(2f)

CSCvv60351

Cisco UCS M4 and M5 servers intermittently lose access to the equipped Flexflash and SD card.

This issue is now resolved.

4.0(4i)

4.1(2f)

CSCvw67797

Cisco UCS C240 M5 servers unexpectedly reboot after upgrading Cisco IMC to release 4.1(2b).

This issue is now resolved.

4.1(2b)

4.1(2f)

CSCvw95072

NMPowerManager.c triggers an unexpected power off event during OS run time in Cisco UCS M5 servers. As a result, Cisco IMC shuts down the server and triggers power characterization.

This issue is now resolved.

4.1(2b)

4.1(2f)

CSCvw42163

Following BIOS token settings in Cisco UCS C220 M4 servers with ESXi OS do not get updated after being set from Cisco IMC menu:

  • ProcessorC1E

  • ProcessorC1EReport

  • ProcessorC6Report

F2 menu does not reflect the updated values.

This issue is now resolved.

4.0(2f)

4.1(2f)
Table 20. BMC Storage

Defect ID

Symptom

First Affected Release

Resolved in Release

CSCvv83116

Cisco IMC GUI interface does not display SAS SSD Smart information Power on Hours for Cisco UCS M4 and M5 servers.

This issue is now resolved.

4.1(2a)

4.1(2f)
Table 21. External Controllers

Defect ID

Symptom

First Affected Release

Resolved in Release

CSCvv71216

In the Cisco UCS C220 M4 servers, whenever the FlexFlash controller is reset, the operating mode of the SD card is switched between 3.3 V signaling (during initialization) and 1.8 V signaling (for data transfers). This condition results in the disappearance of SD card to OS. Thereby, resulting in OS crash.

This issue is now resolved.

4.0(1d)

 4.1(2f)

Resolved Caveats in 4.1(2b)

The following caveats were resolved in Release 4.1(2b):

Table 22. BMC

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCvv08053

Cisco UCS C-Series M4 and earlier model servers, in UCS Manager attached mode—if two IP addresses are configured in Inband mode from the same VLAN ID, then only one IP address is assigned after a fabric failover.

This issue is now resolved.

4.1(2a)

4.1(2b)

CSCvv79912

Unexpected BMC watchdog hard reset messages appear in logs.

This issue is now resolved.

4.0(4h)

4.1(2b)

Resolved Caveats in 4.1(2a)

The following caveats were resolved in Release 4.1(2a):

Table 23. BIOS

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCvt73487

Cisco UCS C480 M5 servers may stop responding at BIOS POST with the following SEL:

System Software event: Post sensor, System Firmware error (POST Error), No video adapter present/enabled [0x9263] was asserted

This issue is now resolved.

4.0(4h)

4.1(2a)
Table 24. BMC

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCvt23154

In Cisco UCS M5 servers, only CPU2 is listed in the invalid POR fault summary message, even though the fault occurs in both CPUs.

This issue is now resolved.

4.0(4b)

4.1(2a)

CSCvt63778

Power Cap setting failure is observed in Cisco UCS C220 M5 servers while configuring the profile. The following error message is displayed:

[FSM:STAGE:REMOTE-ERROR]: Result: end-point-protocol-error Code: unspecified Message: Failed to set power cap.-MC Error(-1): One or more of the arguments are invalid(sam:dme:MgmtController

4.1(1c)

4.1(2a)
Table 25. External Controllers

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCvt76668

Cisco UCS S-series serves equipped with SAS Expander fail to upgrade the expander and report it as inoperable.

This issue is now resolved.

4.0(4h)

4.1(2a)

Open Caveats

Open Caveats in Release 4.1(2b)

The following defects are open in Release 4.1(2b):

Table 26. BMC

Defect ID

Symptom

Workaround

First Affected Release

CSCvv97789

Cisco UCS M4 servers fail to accept the default admin password in F8 boot utility under the following conditions:

  • servers are running release 4.1(1) or 4.1(2a)

  • servers are reset to factory default settings for any reason

Due to this, you cannot use the F8 configuration utility.

Use DHCP to automatically assign an IP address to Cisco IMC.

Once Cisco IMC has a DHCP IP address, you can log in using Cisco IMC GUI or CLI and configure the server as desired.

4.1(2a)
Table 27. External Controller

Defect ID

Symptom

Workaround

First Affected Release

CSCvv92875

NVMe drives connected to SIOC in Cisco UCS S3260 M5 servers do not show in Cisco IMC GUI inventory.

Perform a server cold reboot.

4.1(2a)

Open Caveats in Release 4.1(2a)

The following defects are open in Release 4.1(2a):

Table 28. BMC

Defect ID

Symptom

Workaround

First Affected Release

CSCvs29252

CIFS 2.0 share server mapping is not supported in Cisco UCS M4 servers.

Cisco IMC Scriptable Vmedia does not support vers option with NFS and CIFS mount options in Cisco UCS M4 servers.

There is no known workaround.

4.1(1c)
Table 29. BIOS

Defect ID

Symptom

Workaround

First Affected Release

CSCvu31747

Local disk configured using Cisco 12G Modular RAID controller with 2GB cache (UCSC-RAID-M5), or Cisco 12G Modular RAID controller with 2GB cache UCSC-SAS9460-8i (UCSC-SAS9460-8i), or Cisco 12G Modular SAS HBA max 16 drives (UCSC-SAS-M5) is not discovered during the installation of Citrix XEN 7.1 Hypervisor on Cisco UCS M5 servers.

Perform the following steps:

  1. During the installation of Citrix XEN 7.1 Hypervisor, press F9 and load the megaraid_sas driver.

  2. Once the driver is loaded, press Ctrl + Alt + F1 to enter to Linux shell and execute the following command

    • For RAID Controller

      modprobe megaraid_sas

    • For SAS HBA

      modprobe mpt3sas

  3. Ensure that the module is loaded successfully. Execute the following command to verify:

    • For RAID Controllers

      lsmod | grep megaraid_sas

    • For SAS HBA

      lsmod | grep mpt3sas

  4. Press Ctrl + Alt + F2 to switch back to Citrix XEN 7.1 Hypervisor installer, and proceed with the OS installation.

  5. Once the OS installation is complete, provide the MegaRAID or mpt3sas DUD as a supplementary package.

4.1(2a)
Table 30. External Controllers

Defect ID

Symptom

Workaround

First Affected Release

CSCvo39645

CATERR/IERR occurs on multiple concurrent reboots and the system becomes unresponsive during POST. This issue occurs on servers with NVMe drives on mSwitch connected configuration.

When this issue occurs, perform a warm reboot.

4.0(4b)

CSCvp35008

SLES/RHEL OS installation in UEFI mode fails on Cisco UCS C-Series M5 servers when they are equipped with Intel Xx710 adapters, and one or more of these adapters has the Option ROM enabled.

Disable the Option ROMs for all Intel adapters, including LOM, in the server.

4.0(4b)

CSCvs30287

Multiple critical SEL events are observed in Cisco UCS C125 servers based on AMD EPYC 7352 (ROME) processors, equipped with HGST NVMe drives

Reboot the server.

4.1(2a)
Table 31. VIC

Defect ID

Symptom

Workaround

First Affected Release

CSCvs06864

During installation of Windows 2019 on Cisco UCS fNIC LUN with service profile configured with 2 or more vHBAs on a Cisco UCS VIC 14xx series adapter, blue screen of death (BSoD) is observed.

On each Cisco UCS VIC 14xx series adapters, limit the number of vHBAs to one during Windows 2019 installation on SAN LUN. Add the remaining vHBAs after installation.

4.0(4b)

Known Behaviors and Limitations

Known Behaviors and Limitations in Release 4.1(2b)

The following caveats are the known limitations in Release 4.1(2b):

Table 32. BMC

Defect ID

Symptom

Workaround

First Affected Release

CSCvw45768

Password setting fails in the Cisco IMC Configuration Utility, when Cisco IMC is reset to factory defaults.

  1. Reset Cisco IMC and wait for 15 minutes.

  2. Set a strong password using the Cisco IMC Configuration Utility.

    See here for the guidelines to set a strong password.

  3. If the following message is displayed after setting a strong password, then ignore the message:

    Weak password: Refer User Guide for strict password guidelines.

  4. Reboot the host and perform other system configurations.

4.1(2b)

Guidelines to set a strong password:

  • The password must have a minimum of 8 and a maximum of 14 characters.

    For Non-IPMI users, the password can have maximum of 127 characters.

  • The password must not contain the username.

  • The password must contain characters from three of the following four categories:

    • English uppercase characters (A-Z).

    • English lowercase characters (a-z).

    • Base 10 digits (0-9).

    • Non-alphabetic characters (!, @, #, $, %, ^, &, *,-, _, , =,'').

Known Behaviors and Limitations in Release 4.1(2a)

The following caveats are the known limitations in Release 4.1(2a):

Table 33. BIOS

Defect ID

Symptom

Workaround

First Affected Release

CSCvu62006

SLES 15.2 and Ubuntu 20.04 OS successfully install on Cisco UCS C-Series and S-Series M4 servers with UEFI boot entry. However, booting to UEFI default boot entry deactivates after a reboot.

Perform the following steps:

  1. Enter BIOS setup and create an admin password.

  2. Go to Advanced > Trusted Computing and select TCG_2 for TPM 1.2 or 2.0 UEFI version.

  3. Press F10 to save and exit.

4.0(2m)
Table 34. BMC

Defect ID

Symptom

Workaround

First Affected Release

CSCvu43650

The following Redfish APIs are listed in release 4.1(2a), but are not supported:

  • BbuStartLearnCycle

  • StartDiagnostics

  • GetDiagStatus

  • CancelDiag

There is no known workaround. These APIs are only listed but not supported.

4.1(2a)

CSCvt38038

Link Training option is no longer available with Cisco UCS 13xx series VIC adapters.

There is no known workaround.

4.1(2a)
Table 35. External Controllers

Defect ID

Symptom

Workaround

First Affected Release

CSCvu06698

Cavium and Qlogic Network and iSCSI driver updates fail on ESXi OS version 7.0 and 6.5U3 with the dependency error.

ESXi OS image has inbox Cavium and QLogic Network and iSCSI driver which is incompatible with latest asynchronous drivers packaged as part of driver ISO.

Perform the following steps:

  1. Move the ESXi host to maintenance mode.

  2. Unload the inbox Cavium/QLogic drivers (qedentv/qedrntv/qedil)

    esxcli software vib remove, hwere vibname=VIB File of Driver

  3. Load the latest driver packaged as part of Driver ISO

    esxcli software vib install -v <VIB File of driver>

  4. Reboot the ESXi host.

  5. Once the OS boots up, exit the maintenance mode.

4.1(2a)
Table 36. Operating System

Defect ID

Symptom

Workaround

First Affected Release

CSCvu80469

Installation of mpt3sas driver fails after installing i40e drivers on SLES 12.5 OS in Cisco UCS servers equipped with Intel 710 series adapters and pass through HBA controller.

Following warning message is displayed:

Updating / installing...
1:lsi-mpt3sas-kmp-default
-30.00.01.# [100%]depmod: 
WARNING: //lib/modules/4.12.14-119-default
/kernel/drivers/infiniband/hw
/i40iw/i40iw.ko disagrees about 
version of symbol i40e_unregister_client
depmod: WARNING: //lib/modules
/4.12.14-119-default/kernel
/drivers/infiniband/hw/i40iw
/i40iw.ko disagrees about version 
of symbol i40e_register_client
Warning: /lib/modules/4.12.14-119
-default is inconsistent
Warning: weak-updates symlinks 
might not be created

Perform one of the following:

  1. Uninstall i40e driver

  2. Change the order of installation. Install mpt3sas driver first and then i40e driver.

4.1(2a)

Related Documentation

For configuration information for this release, refer to the following:

For information about installation of the C-Series servers, refer to the following:

The following related documentation is available for the Cisco Unified Computing System:

Refer to the release notes for Cisco UCS Manager software and the Cisco UCS C Series Server Integration with Cisco UCS Manager Guide at the following locations: