Release Notes for Cisco UCS Manager, Release 2.2

Overview

This document describes system requirements, new features, resolved caveats, known caveats and workarounds for Cisco UCS Manager software Release 2.2. This document also includes the following:

  • Current information that became available after the technical documentation was published

    • Related firmware and BIOS on blade and rack servers and other Cisco Unified Computing System (UCS) components associated with the release

Use this release note as a supplement with the other documents listed in documentation roadmaps:

Contents of the various bundles for this release are described in:

Make sure to review other available documentation on Cisco.com to obtain current information on Cisco UCS Manager.

Support for Web User Interface Post Deprecation of Adobe Flash

The Web user interface of Cisco UCS Manager releases earlier than 3.1(3a) — including the releases on the 2.2 release train — are Java-based and may not be accessible on browser versions that will deprecate support for Adobe Flash on Dec 31, 2020. For more details on the problem description and workarounds, refer to the Field Notice: FN72012.

Revision History

Table 1. Online Change History

Date

Description

December 12, 2013

Created release notes for Cisco UCS Manager, Release 2.2(1b).

December 20, 2013

Added additional caveats.

February 9, 2014

Updated release notes for Cisco UCS Software Release 2.2(1c).

February 19, 2014

Updated release notes for Catalog Release 2.2.1c.T.

April 2, 2014

Updated release notes for Catalog Release 2.2.1d.T.

April 10, 2014

Updated release notes for Cisco UCS Software Release 2.2(1d).

May 16, 2014

Added CSCuo78883 to Open Caveats for release 2.2(1d).

May 22, 2014

Updated release notes for Cisco UCS Software Release 2.2(2c).

May 24, 2014

Updated to include additional Open Caveats for Cisco UCS Software Release 2.2(2c).

May 30, 2014

Modified several Caveat descriptions.

June 18, 2014

Added CSCul74278 to 2.2(1b) Open Caveats and to 2.2(2c) Resolved Caveats; added ‘Behavior Changes’ section; and corrected three items in Servers list.

August 1, 2014

Updated release notes for Cisco UCS Software Release 2.2(1e).

August 21, 2014

Added B22 PID support and updated PID support for other servers in Version Mapping table for 2.2(2c); added ‘Chassis’ section to Internal Dependencies table; added UCSB-5108-AC2, -DC2, and -HVDC to New Hardware Features section; added note to Upgrade section for CSCud81176 consideration; added CSCuj81245 to 2.2(1b) Open Caveats table and to 2.2(2c) Resolved Caveats table.

September 8, 2014

Updated release notes for Cisco UCS Software Release 2.2(3a).

September 11, 2014

Updated release notes for Cisco UCS Software Release 2.2(2d); updated the Recommended Minimum Software in Table 4.

October 9, 2014

Updated release notes for Cisco UCS Software Release 2.2(3b).

October 24, 2014

Updated release notes for Cisco UCS Software Release 2.2(2e) and 2.2(3c).

October 31, 2014

Updated release notes for Cisco UCS Software Release 2.2(1f).

November 10, 2014

Added CSCuo60330 to 2.2(3a) resolved caveats.

November 17, 2014

Added missing 2.2(3c) adapter to Internal Dependencies table.

December 4, 2014

Updated release notes for Catalog Release 2.2.3b.T.

December 22, 2014

Updated release notes for Cisco UCS Software Release 2.2(1g) and 2.2(3d).

January 13, 2015

Updated first affected bundle for CSCuq20755.

March 4, 2015

Updated release notes for Cisco UCS Software Release 2.2(3e).

March 18, 2015

Updated the New Hardware Features list for Release 2.2(3a).

March 20, 2015

Updated release notes for Cisco UCS Software Release 2.2(3f).

April 15, 2015

Updated the Recommended Software Version for C260 and C460 M2 servers.

May 14, 2015

Updated release notes for Cisco UCS Software Releases 2.2(3g) and 2.2(4b).

May 26, 2015

Added CSCus10255 to the Resolved Caveats for Cisco UCS Software Release 2.2(4b).

June 5, 2015

Updated release notes for Cisco UCS Software Release 2.2(5a).

June 15, 2015

Updated release notes for Cisco UCS Software Release 2.2(1h).

June 30, 2015

Updated the Capability Catalog and New Hardware Features sections with information about Cisco 12G SAS Modular RAID Controller. Updated the Resolved Caveats for 2.2(4b).

July 10, 2015

Added CSCuv04436 to the Open Caveats for 2.2(4b) and 2.2(5a). This issue has a software advisory associated with it.

July 17, 2015

Updated release notes for Cisco UCS Software Release 2.2(4c).

July 30, 2015

Updated release notes for Cisco UCS Software Release 2.2(5b).

August 27, 2015

Updated release notes for Cisco UCS Software Release 2.2(5c).

September 11, 2015

Updated the Behavior Changes section for Release 2.2(4b). Updated the Resolved and Open Caveats for Release 2.2(5c). Added CSCus81832 to the list of Resolved Caveats for Release 2.2(4b).

September 22, 2015

Added CSCus73196 to the list of Open Caveats for Release 2.2(3d).

September 25, 2015

Updated release notes for Cisco UCS Software Release 2.2(3h).

October 8, 2015

Updated release notes for Cisco UCS Software Release 2.2(6c).

October 17, 2015

Added CSCuv45173 to the Known Limitations table. This issue has a software advisory associated with it.

November 4, 2015

Updated release notes for Cisco UCS Software Release 2.2(6d).

November 16, 2015

Updated release notes for Cisco UCS Software Release 2.2(5d).

December 14, 2015

Updated release notes for Cisco UCS Catalog Release 2.2.6e.T.

December 16, 2015

Updated release notes for Cisco UCS Software Release 2.2(6e).

January 18, 2016

Updated the Behavior Changes section for Release 2.2(6c).

February 2, 2016

Updated release notes for Cisco UCS Software Release 2.2(6f).

February 9, 2016

Updated release notes for Cisco UCS Software Release 2.2(3j).

February 29, 2016

Updated release notes for Cisco UCS Software Release 2.2(6g).

March 31, 2016

Updated release notes for Cisco UCS Software Release 2.2(7b).

April 18, 2016

Updated the New Software Features description for Release 2.2(7b).

May 13, 2016

Updated release notes for Cisco UCS Software Release 2.2(3k).

May 18, 2016

Updated release notes for Cisco UCS Software Release 2.2(6i).

May 24, 2016

Added CSCuz74973 to the Open Caveats for Cisco UCS Software Release 2.2(3b), and updated the workaround for CSCut63966.

June 2, 2016

Updated release notes for Cisco UCS Software Release 2.2(7c).

June 13, 2016

Updated the note in Updating Cisco UCS Release.

June 17, 2016

Added CSCut46044 and CSCup58725 to the Open Caveats for Cisco UCS Software Release 2.2(3a).

Added CSCuj84274 to the Open Caveats for Cisco UCS Software Release 2.2(1a).

Added CSCut46044 to the Security Fixes for Cisco UCS Software Release 2.2(7b).

June 20, 2016

Removed note for UCS-ML-1X324RU-G and UCS-ML-1X644RU-G.

Added a note for UCS-ML-1X324RV-A and UCS-ML-1X644RV-A.

July 5, 2016

Updated release notes for Cisco UCS Software Release 2.2(6j).

July 13, 2016

Updated release notes for Cisco UCS Software Release 2.2(8a).

Updated the Recommended Software Version for C200, C210, and C250 M2 servers.

July 29, 2016

Updated release notes for Cisco UCS Software Release 2.2(7d).

August 8, 2016

Updated the New Software Features description for Release 2.2(7b).

August 12, 2016

Added CSCva87230 to the list of open caveats for release 2.2(8a).

August 24, 2016

Updated release notes for Cisco UCS Software Release 2.2(8b).

Added software advisory associated with CSCva87230.

August 26, 2016

Updated release notes for Cisco UCS Software Release 2.2(7e).

September 29, 2016

Updated release notes for Cisco UCS Software Release 2.2(8c).

October 18, 2016

Updated release notes for Cisco UCS Software Release 2.2(8d).

November 21, 2016

Added CSCuz74973 to the Resolved Caveats for Cisco UCS Software Release 2.2(7b).

November 23, 2016

Updated release notes for Cisco UCS Software Release 2.2(8e)T.

December 22, 2016

Updated release notes for Cisco UCS Software Release 2.2(8f).

January 30, 2017

Updated release notes for Cisco UCS Software Release 2.2(3l).

March 14, 2017

Updated release notes for Cisco UCS Software Release 2.2(8g).

September 12, 2017

Updated the list of security fixes with CSCvf35705.

November 21, 2017

Updated release notes for Cisco UCS Software Release 2.2(8i).

December 15, 2017

Updated the Resolved Caveat version for CSCuu33864.

January 9, 2018

Updated the list of security fixes with CSCuq77241.

April 06, 2018

Updated release notes for Cisco UCS Software Release 2.2(8j).

May 18, 2018

Updated the Resolved Caveats for Cisco UCS Software Release 2.2(7b) with CSCun07367.

May 28, 2018

Updated the Open Caveats for Cisco UCS Software Release 2.2(1b) with CSCvj59299, CSCvj59301, CSCvj54880, CSCvj54847, CSCvj54187, and their Software Advisory.

August 01, 2018

Updated release notes for Cisco UCS Software Release 2.2(8l).

August 27, 2018

Added the L1 Terminal Fault caveats — CSCvm02934, CSCvm03356, CSCvm03351, and CSCvm03339 — to the list of Security Fixes for Cisco UCS Software Release 2.2(8l).

February 26, 2019

Added CSCvf32853 to the list of Open Caveats for Cisco UCS Software Release 2.2(8a).

October 18, 2019

Updated release notes for Cisco UCS Software Release 2.2(8m).

December 20, 2020

Added notice: Support for Web User Interface Post Deprecation of Adobe Flash.

Introduction

Cisco UCS Manager™ provides unified, embedded management of all software and hardware components of the Cisco Unified Computing System™ (Cisco UCS) across multiple chassis, rack servers, and thousands of virtual machines. Cisco UCS Manager manages Cisco UCS as a single entity through an intuitive GUI, a command-line interface (CLI), or an XML API for comprehensive access to all Cisco UCS Manager functions.

System Requirements

To use Cisco UCS Manager your computer must meet or exceed the following minimum system requirements:

  • The Cisco UCS Manager GUI is a Java-based application which requires Java Runtime Environment 1.6 or later.

  • Cisco UCS Manager uses web start and supports the following web browsers:

    • Microsoft Internet Explorer 9.0 or higher

    • Mozilla Firefox 7.0 or higher

    • Google Chrome 14.0 or higher

  • Adobe Flash Player 10 or higher is required for some features

  • Cisco UCS Manager is supported on the following operating systems:

    • Microsoft Windows 7 with minimum 4.0 GB memory

    • Red Hat Enterprise Linux 5.0 or higher with minimum 4.0 GB memory

  • Cisco UCS Central integration:

    • Cisco UCS Manager Release 2.2(1) and 2.2(2) can only be registered with Cisco UCS Central, Release 1.1(1b) or higher.

    • Cisco UCS Manager Release 2.2(3) and later releases can only be registered with Cisco UCS Central, Release 1.2(1a) or higher.

    • Cisco UCS Manager Release 2.2(7) and later releases require Cisco UCS Central, Release 1.4(1b) or higher.


Note

For more information, see the Feature Support Matrix section of the Cisco UCS Central Installation and Upgrade Guides.


Updating Cisco UCS Releases

The Cisco UCS Manager A bundle software (Cisco UCS Manager, Cisco NX-OS, IOM firmware) can be mixed with previous B or C bundle releases on the servers (host firmware (FW), BIOS, CIMC, adapter FW and drivers).

The following table lists the mixed A, B, and C bundle versions that are supported:

Table 2. Mixed Cisco UCS Releases Supported

Infrastructure Versions (A Bundles)

Host FW Versions (B or C Bundles)

2.0(1)

2.0(2)

2.0(3)

2.0(4)

2.0(5)

2.1(1)

2.1(2)

2.1(3)

2.2(1)

2.2(2)

2.2(3)

2.2(4)

2.2(5)

2.2(6)

2.2(7)

2.2(8)

2.0(1)

Yes

Yes

Yes

Yes

2.0(2)

Yes

Yes

Yes

Yes

2.0(3)

Yes

Yes

Yes

Yes

2.0(4)

Yes

Yes

Yes

Yes

2.0(5)

Yes

Yes

Yes

Yes

2.1(1)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

2.1(2)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

2.1(3)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

2.2(1)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

2.2(2)

Yes

Yes

Yes

Yes

Yes

Yes

Yes

2.2(3)

Yes

Yes

Yes

Yes

Yes

Yes

2.2(4)

Yes

Yes

Yes

Yes

Yes

2.2(5)

Yes

Yes1

Yes1

Yes1

Yes1

2.2(6)

Yes1

Yes1

Yes1

Yes1

Yes1

2.2(7)

Yes1

Yes1

Yes1

Yes1

Yes1

2.2(8)

Yes1

Yes1

Yes1

Yes1

Yes1

1 Beginning with Cisco UCS Manager Release 2.2(4), and for M4 servers, a lower version of the infrastructure A bundle will be compatible with the previous version and higher version of B and C server bundles. For example, the Cisco UCS Manager Release 2.2(4)A bundle will be supported with any of the following B bundles for B200-M4 servers: 2.1(1)B, 2.1(2)B, 2.1(3)B, 2.2(1)B, 2.2(2)B, 2.2(3)B, 2.2(4)B, 2.2(5)B, 2.2(6)B, 2.2(7)B, 2.2(8)B.


Note

For M1, M2, M3 servers, only N, N-1 cross-version firmware is supported. For example, for B200 M3 servers, the 2.2(4)A bundle will be supported with 2.1(1)B, 2.1(2)B, 2.1(3)B, 2.2(1)B, 2.2(2)B, 2.2(3)B, and 2.2(4)B bundles).


  • If upgrading from a pre-2.2(1b) release and running Management Firmware Pack, refer to open caveat information for CSCud81176 in Release Notes for Cisco UCS Software, Release 2.1.

  • If an environment includes a mix of servers, refer to CSCuh61202 and CSCus64439 for caveat information.


    Note

    To avoid this issue, first upgrade any Cisco UCS 1240, Cisco UCS 1280, and Cisco M81KR adapter firmware before updating the Cisco UCS infrastructure components—Cisco UCS Manager, IOM, and FI.


  • During manual or auto firmware installs, the fabric interconnect may fail to reload after a reboot or power cycle. Refer to CSCut63966 for caveat information.

    A workaround for this issue is to modify a script file, which is called before any reboots occur. This modification can limit the chances of experiencing this issue during an upgrade to firmware versions in which this issue is resolved. Contact Cisco TAC for more information regarding this workaround, and to recover from this issue.

  • A mix of servers running different B-bundles may be run with a single A-bundle. However, any given server must be running the entire B/C-bundles (with associated drivers). Example: mixing the 2.1(2)B BIOS with the 2.1(3)B CIMC on a server is not supported.

  • The OS hardware and software interoperability is relative to the B/C-bundle on any given server. To see what OS is supported, see the Hardware and Software Interoperability documentation associated with the B-bundle version.

  • For all M3 or older servers released with Cisco UCS Manager Release 2.2(3) and earlier versions, the A-bundle version must be at or above the same version(s) of any B/C-bundles running on the servers (see Table 2). This applies to patch levels as well, even though they are not displayed on the table. For example, you can mix 2.1(1f)A with 2.1(1b)B, but you cannot mix 2.1(1b)A with 2.1(1f)B.

    You do not need the A-bundle version to be at or above the same version(s) of any B/C-bundles when using Cisco UCS Manager Release 2.2(4) and later releases with M4 servers.

    For all M1, M2, M3, and M4 servers released with Cisco UCS Manager Release 2.2(4) and later versions, the patch version of the A-bundle version does not affect the compatibility with B/C bundles running on the servers. The patch versions within a release, such as 2.2(8a) and 2.2(8e), are always supported regardless of the combination. For example, you can mix 2.2(4b)A with 2.2(4c)B, or 2.2(4c)A with 2.2(4b)C.

  • Some features introduced in Cisco UCS Release 2.2 require that both the A-bundle version and the B/C-bundle versions be upgraded to the same version. For example, the lower power budget supported for Cisco UCS Release 2.2 is not supported for servers using 2.1 firmware.

  • In Cisco UCSM Release 2.2 and later releases, the adapter firmware version is different from the Cisco UCSM Release version.

Minimum B/C Bundle Version Requirements for Cisco UCS Manager Features

The following Cisco UCS Manager 2.2 features require the specified minimum B/C bundle version to perform expected operations:

Table 3.

Feature

B Bundle Version

C Bundle Version

IPv6 Management Support

2.2(1b)B

2.2(1b)C

usNIC for Low Latency

2.2(1b)B

2.2(1b)C

Support for Virtual Machine Queue (VMQ)

2.2(1b)B

2.2(1b)C

VM-FEX for Hyper-V Management with Microsoft SCVMM

2.2(1b)B

2.2(1b)C

Secure Boot

2.2(1b)B

2.2(1b)C

Local Storage Management

2.2(1b)B

2.2(1b)C

Flash Adapters and HDD Firmware Management

2.2(1b)B

2.2(1b)C

Precision Boot Order Control

2.2(1b)B

2.2(1b)C

Trusted Platform Module (TPM) Inventory

2.2(1b)B

2.2(1b)C

DIMM Blacklisting and Correctable Error Reporting

2.2(1b)B

2.2(3a)C

Netflow monitoring support:

  • Cisco UCS VIC 1240 and 1280

  • Cisco UCS VIC 1225

  • Cisco UCS VIC 1227

  • Cisco UCS VIC 1340 and 1380

  • Cisco UCS VIC 1225T and 1227T

2.2(2c)B

2.2(3a)B

2.2(2c)C

2.2(3a)C

2.2(4b)C

Stateless Offload for Overlay Networks (NVGRE / VXLAN)

Note 

Supported only on Cisco UCS VIC 1340 and VIC 1380 adapters.

2.2(3a)B

BIOS secure boot support

2.2(1b)B

2.2(3a)C

CIMC secure boot support

2.2(1b)B

2.2(3a)C

RDMA over Converged Ethernet (RoCE) support for Microsoft SMB Direct

Note 

Supported only on Cisco UCS VIC 1340 and VIC 1380 adapters.

2.2(4b)B

LLDP support for Fabric Interconnect vEthernet Interfaces

2.2(4b)B

2.2(4b)C

Policy-based port error handling

2.2(4b)B

2.2(4b)C

Advanced Local Storage Configuration

2.2(4b)B

2.2(4b)C

Pass-through capability for Gen 3 Fusion IO Mezzanine cards

2.2(4b)B

Fabric Interconnect traffic evacuation

2.2(4b)B

2.2(4b)C

Per Fabric Interconnect chassis reacknowledgment

2.2(4b)B

Trusted Platform Module (TPM) configuration support

2.2(4b)B

2.2(4b)C

Consistent Device Naming (CDN) support

Note 

CDN is supported only on Windows 2012 R2.

2.2(4b)B

2.2(4b)C

CIFS authentication protocol support for Scriptable vMedia

2.2(4b)B

2.2(4b)C

Support for Service Profile migration with UEFI boot mode

2.2(4b)B

2.2(4b)C

Support NVGRE with IPv6 and VMQ

2.2(4b)B

Support usNIC with Intel® MPI

2.2(4b)B

2.2(4b)C

Server support for 4K Drives

2.2(4b)C

For detailed instructions for updating the Cisco UCS software and firmware, see the appropriate Upgrading Cisco UCS document for your installation.

Internal Dependencies

The table shows interdependencies between the hardware and versions of Cisco UCS Manager. Server FRU items such as DIMMs are dependent on their server type, and chassis items such as fans and power supplies work with all versions of Cisco UCS Manager.

Table 4. Internal Dependencies

Component

Minimum Qualified Software Version1

Recommended Software Version

Servers

B22 M3 E5-2400

B22 M3 E5-2400 v2

2.1(3k)

2.2(2e)

2.2(8m)

2.2(8m)

B200 M1 and M2

2.2(2e)

2.2(8m)

B200 M3 E5-2600

B200 M3 E5-2600 v2

2.1(3k)

2.2(2e)

2.2(8m)

B200 M4 E5-2600 v3

B200 M4 E5-2600 v42

2.2(3a)

2.2(8m)

2.2(7b)

2.2(8m)

B230 M1 and M2

2.1(3k)

2.2(8m)

B250 M1 and M2

2.1(3k)

2.2(8m)

B260 M4 E7-2800 v2

B260 M4 E7-4800 v2

B260 M4 E7-8800 v2

B260 M4 E7-4800 v3

B260 M4 E7-8800 v3

B260 M4 E7-4800 v4

B260 M4 E7-8800 v4

2.2(2e)

2.2(2e)

2.2(2e)

2.2(5d)

2.2(5d)

2.2(8c)

2.2(8c)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

B420 M3 E5-4600

B420 M3 E5-4600 v2

2.1(3k)

2.2(2e)

2.2(8m)

2.2(8m)

B440 M1 and M2

2.1(3k)

2.2(8m)

B420 M4 E5-4600 v3

B420 M4 E5-4600 v4

2.2(5d)

2.2(8a)

2.2(8m)

2.2(8m)

B460 M4 E7-4800 v2

B460 M4 E7-8800 v2

B460 M4 E7-4800 v3

B460 M4 E7-8800 v3

B460 M4 E7-4800 v4

B460 M4 E7-8800 v4

2.2(2e)

2.2(2e)

2.2(5d)

2.2(5d)

2.2(8c)

2.2(8c)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

C22 M3 and M3L

2.1(3k)

2.2(8m)

C24 M3, M3L, and M3S2

2.1(3k)

2.2(8m)

C200 M2 and M2 SFF

2.1(3k)

2.2(8m)

C210 M2

2.1(3k)

2.2(8m)

C220 M33

2.1(3k)

2.2(8m)

C220 M4

C220 M4 E5-2600 v4

2.2(3k)

2.2(7c)

2.2(8m)

2.2(8m)

C240 M33

2.1(3k)

2.2(8m)

C240 M4

C240 M4 E5-2600 v4

2.2(3k)

2.2(7c)

2.2(8m)

2.2(8m)

C250 M2

2.1(3k)

2.2(8m)

C260 M2

2.1(3k)

2.2(8m)

C420 M3

2.1(3k)

2.2(8m)

C460 M2

2.1(3k)

2.2(8m)

C460 M4 E7-2800 v2

C460 M4 E7-4800 v2

C460 M4 E7-8800 v2

C460 M4 E7-4800 v3

C460 M4 E7-8800 v3

C460 M4 E7-8800 v4

2.2(2e)

2.2(2e)

2.2(2e)

2.2(5d)

2.2(5d)

2.2(8d)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

2.2(8m)

Adapters

UCS 82598KR-CI

UCS M71KR-E

UCS M71KR-Q

2.1(3k)

2.2(8m)

UCS M81KR

2.1(3k)

2.2(8m)

UCS NIC M51KR-B

UCS CNA M61KR-I4

UCS CNA M72KR-Q

UCS CNA M73KR-Q

UCS CNA M72KR-E

2.1(3k)

2.2(8m)

UCS-VIC-M82-8P

UCSB-MLOM-40G-01

UCSB-MLOM-PT-01

2.1(3k)

2.2(8m)

UCSB-MLOM-40G-03

UCSB-VIC-M83-8P

UCSC-MLOM-CSC-02

2.2(3a)

2.2(8m)

UCSB-MEZ-ELX-03

UCSB-MEZ-QLG-03

UCSC-PCIE-CSC-02

2.1(3k)

2.2(8m)

UCSC-F-FIO-1000MP

UCSC-F-FIO-1300MP

UCSC-F-FIO-2600MP

UCSC-F-FIO-5200MP

2.2(3a)

2.2(8m)

UCSB-FIO-1600MS

UCSB-FIO-1300MS

2.2(3a)

2.2(8m)

UCSC-INVADER-3108

UCSC-NYTRO-200GB

2.2(3a)

2.2(8m)

UCSC-MLOM-C10T-02

UCSC-PCIE-C10T-02

UCSC-F-FIO-785M

UCSC-F-FIO-365M

UCSC-F-FIO-1205M

UCSC-F-FIO-3000M

UCSC-F-FIO1000PS

UCSC-F-FIO1300PS

UCSC-F-FIO2600PS

UCSC-F-FIO5200PS

UCSC-F-FIO-6400SS

UCSC-F-FIO-3200SS

2.2(4b)

2.2(8m)

GPU

UCSB-GPU-M6

2.2(7b)

2.2(8m)

Chassis5

N20-C6508

2.2(1b)

2.2(8m)

UCSB-5108-DC

2.2(1b)

2.2(8m)

UCSB-5108-AC2

2.2(1b)

2.2(8m)

UCSB-5108-DC2

2.2(1b)

2.2(8m)

UCSB-5108-HVDC

2.2(2c)

2.2(8m)

Fabric Interconnect

UCS 6120XP

2.2(7c)

2.2(8m)

UCS 6140XP

2.2(7c)

2.2(8m)

UCS 6248UP

2.2(7c)

2.2(8m)

UCS 6296UP

2.2(7c)

2.2(8m)

Fabric Extender or I/OM

UCS 2104

2.2(7c)

2.2(8m)

UCS 2208XP

2.2(7c)

2.2(8m)

UCS 2204XP

2.2(7c)

2.2(8m)

Cisco Nexus 2232PP

2.2(7c)

2.2(8m)

Cisco Nexus 2232TM-E

2.2(7c)

2.2(8m)

Fabric Interconnect Expansion Modules

N10-E0440

N10-E0600

N10-E0080

2.2(7c)

2.2(8m)

N10-E0060

2.2(7c)

2.2(8m)

UCS-FI-E16UP

2.2(7c)

2.2(8m)

Power Supplies

UCSC-PSUV2-1050DC

2.2(7c)

2.2(8m)

UCSB-PSU-2500HVDC

2.2(7c)

2.2(8m)

UCSC-PSU-930WDC

UCSC-PSU1-770W

UCSC-PSU2-1400

UCSC-PSU2V2-650W

UCSC-PSU2V2-1200W

2.2(7c)

2.2(8m)

NVME SSD Drives

UCS-SDHPCIE800GB

2.2(7c)

2.2(8m)

UCS-SDHPCIE1600GB[1]

2.2(7c)

2.2(8m)

10-GB Connections

SFP-10G-SR, SFP-10G-LR

SFP-H10GB-CU1M

SFP-H10GB-CU3M

SFP-H10GB-CU5M

2.2(7c)

2.2(8m)

SFP-H10GB-ACU7M

SFP-H10GB-ACU10M

2.2(7c)

2.2(8m)

FET-10G

SFP-10G-AOC7:

SFP-10G-AOC1M

SFP-10G-AOC2M

SFP-10G-AOC3M

SFP-10G-AOC5M

SFP-10G-AOC7M

SFP-10G-AOC10M

2.2(7c)

2.2(8m)

8-GB Connections (FC Expansion Module N10-E0060)

DS-SFP-FC8G-SW

DS-SFP-FC8G-L

2.2(7c)

2.2(8m)

4-GB Connections (FC Expansion Module N10-E0080)

DS-SFP-FC4G-SW

DS-SFP-FC4G-LW

2.2(7c)

2.2(8m)

1-GB Connections

GLC-T (V03 or higher)

GLC-SX-MM

GLC-LH-SM

2.2(7c)

2.2(8m)

  1. This is the minimum server bundle recommended for this hardware in a mixed firmware configuration, assuming the infrastructure is at the recommended software version.

  2. Cisco UCS Manager Release 2.2(4) introduced a server pack feature that allows Intel E5-2600 v4 CPUs to run with Cisco UCS Manager Release 2.2(4) or later releases, provided the CIMC, BIOS, and Capability Catalog are all running Cisco UCS Manager Release 2.2(7). For upgrading B200 M4 servers from v3 CPUs to v4 CPUs, refer to Cisco UCS B200 M4 Server Upgrade Guide for E5-2600 v4 Series CPUs.

  3. See the Software Advisory for the minimum firmware level required on the Cisco UCS C220 M3 and Cisco UCS C240 M3.

  4. N20-AI0002, the Cisco UCS 82598KR-CI 10-Gb Ethernet Adapter, is not supported on the B440 server but is still available for other models. We suggest you use the Cisco UCS CNA M61KR-I Intel Converged Network Adapter in place of the Cisco UCS 82598KR-CI 10-Gb Ethernet Adapter.

  5. Recommended minimum software versions do not take into account mixed environments; to determine the minimum software version for your mixed environment, refer to, Updating Cisco UCS Releases.

  6. For 1.6 TB HGST NVME drives, when used with B200-M4 blade servers, the minimum required board controller version is 12, which is bundled with Cisco UCS Manager Release 2.2(7c)B.

  7. Cisco 1225 and 1227 VIC cards are not supported with SFP-10G-AOC cables. SFP-10G-AOC cables are only supported with Cisco 1385 and 1387 VIC cards.

Capability Catalog

The Cisco UCS Manager uses the catalog to update the display and configurability of server components such as newly qualified DIMMs and disk drives. The Cisco UCS Manager Capability Catalog is a single image, but it is also embedded in Cisco UCS Manager. Cisco UCS Manager 2.2(x) releases work with any 2.2(x) catalog file, but not the 1.x, 2.0 or 2.1 catalog versions. If a server component is not dependent on a specific BIOS version, using it and having it recognized by Cisco UCS Manager is primarily a function of the catalog version. The catalog is released as a single image in some cases for convenience purposes in addition to being bundled with UCS infrastructure releases. See Table 5 for details on the mapping of versions to bundles.

Table 5. Version Mapping

UCS Release

Catalog File

Adds Support for PID

Additional Parts Qualified for PID

2.2(8m)

ucs-catalog.2.2.8k.T.bin

2.2(8l)

ucs-catalog.2.2.8k.T.bin

2.2(8j)

ucs-catalog.2.2.8k.T.bin

Drives
  • UCS-SD960GIKS4-EV

  • UCS-SD120GBMS4-EV

  • UCS-SD240GBMS4-EV

  • UCS-SD480GBMS4-EV

  • UCS-SD960GBMS4-EV

  • UCS-SD16TBMS4-EV

  • UCS-SD19TBMS4-EV

  • UCS-SD38TBMS4-EV

  • UCS-SD76TBMS4-EV

  • UCS-SD240GBM1K9

  • UCS-SD960GBM1K9

  • UCS-SD38TBM1K9

  • UCS-S3260-HD8TB

  • UCS-S3260-8TBRR

  • UCS-HD1T7KL6GA

  • UCS-HD4T7KL6GA

  • UCS-HD6T7KL6GA

  • UCS-SD480GSAS-EV

  • UCS-SD960GSAS-EV

  • UCS-SD19TSAS-EV

  • UCS-SD38TSAS-EV

  • UCS-SD400GSAS3-EP

  • UCS-SD800GSAS3-EP

  • UCS-SD16TSASS3-EP

  • UCS-SD32TSASS3-EP

  • UCS-HD2T7KL6GA

    Note 

    Orderable with hardware and software RAID configuration.

2.2(8g)

ucs-catalog.2.2.8h.T.bin

--

--

2.2(8f)

ucs-catalog.2.2.8f.T.bin

Cisco UCS C220, C240, B200, B420, and S3260 CPUs

UCS-CPU-E52699AE

--

--

ucs-catalog.2.2.8e.T.bin

Drives

UCS-SD480GBKS-EV

UCS-SD19TBKSS-EV

--

2.2(8d)

ucs-catalog.2.2.8d.T.bin

--

--

2.2(8c)

ucs-catalog.2.2.8c.T.bin

--

--

2.2(8b)

ucs-catalog.2.2.8b.T.bin

--

--

2.2(8a)

ucs-catalog.2.2.8a.T.bin

Cisco UCS B420 M4

CPU

  • UCS-CPU-E5-4660E

  • UCS-CPU-E5-4650E

  • UCS-CPU-E5-4640E

  • UCS-CPU-E5-4620E

  • UCS-CPU-E5-4610E

  • UCS-CPU-E5-4669E

  • UCS-CPU-E5-4667E

  • UCS-CPU-E5-4655E

  • UCS-CPU-E5-4627E

Memory

  • UCS-MR-1X322RV-A

  • UCS-MR-1X161RV-A

  • UCS-ML-1X324RV-A

  • UCS-ML-1X644RV-A

TPM

  • UCSX-TPM2-002

C460 M4 E7-8800 v4

CPU

  • UCS-CPU-E78890E

  • UCS-CPU-E78880E

  • UCS-CPU-E78870E

  • UCS-CPU-E78860E

  • UCS-CPU-E74850E

  • UCS-CPU-E74830E

  • UCS-CPU-E74820E

  • UCS-CPU-E74809E

  • UCS-CPU-E78891E

  • UCS-CPU-E78893E

  • UCS-CPU-E78867E

Memory

  • UCS-MR-1X161RV-G

TPM

  • UCSX-TPM1-002

B260 M4 and B460 M4 E7- 4800 v4 , E7-8800 v4

CPU

  • UCS-CPU-E78890E

  • UCS-CPU-E78880E

  • UCS-CPU-E78870E

  • UCS-CPU-E78860E

  • UCS-CPU-E74850E

  • UCS-CPU-E74830E

  • UCS-CPU-E74820E

  • UCS-CPU-E74809E

  • UCS-CPU-E78891E

  • UCS-CPU-E78893E

  • UCS-CPU-E78867E

Memory

  • UCS-MR-1X161RV-G

  • UCS-MR-1X322RU-G

  • UCS-ML-1X644RU-G

  • UCS-ML-1X324RU-G

HDD

  • UCS-SD120GB7M-EV

  • UCS-SD16TB7M-EV

  • UCS-SD480GB7M-EP

TPM

  • UCSX-TPM1-002

CPU

  • UCS-CPU-E5-4660D

  • UCS-CPU-E5-4650D

  • UCS-CPU-E5-4640D

  • UCS-CPU-E5-4620D

  • UCS-CPU-E5-4610D

  • UCS-CPU-E5-4669D

  • UCS-CPU-E5-4667D

  • UCS-CPU-E5-4655D

  • UCS-CPU-E5-4627D

Memory

  • UCS-MR-1X081RU-A

  • UCS-MR-1X162RU-A

  • UCS-MR-1X161RV-A

  • UCS-ML-1X324RV-A

  • UCS-MR-1X322RV-A

  • UCS-MR-2X082RY-E

  • UCS-MR-2X162RY-E

  • UCS-ML-2X324RY-E

  • UCS-ML-2X648RY-E

  • UCS-MR-1X081RU-G

  • UCS-MR-1X162RU-G

  • UCS-MR-1X322RU-G

2.2(7e)

ucs-catalog.2.2.7c.T.bin

2.2(7d)

ucs-catalog.2.2.7c.T.bin

2.2(7c)

ucs-catalog.2.2.7c.T.bin

2.2(7b)

ucs-catalog.2.2.7b.T.bin

Cisco UCS B200 M4, C220 M4, and C240 M4 CPUs

  • UCS-CPU-E52699E

  • UCS-CPU-E52698E

  • UCS-CPU-E52697AE

  • UCS-CPU-E52697E

  • UCS-CPU-E52695E

  • UCS-CPU-E52690E

  • UCS-CPU-E52683E

  • UCS-CPU-E52680E

  • UCS-CPU-E52667E

  • UCS-CPU-E52660E

  • UCS-CPU-E52658E

  • UCS-CPU-E52650E

  • UCS-CPU-E52650LE

  • UCS-CPU-E52643E

  • UCS-CPU-E52640E

  • UCS-CPU-E52637E

  • UCS-CPU-E52630E

  • UCS-CPU-E52630LE

  • UCS-CPU-E52623E

  • UCS-CPU-E52620E

  • UCS-CPU-E52609E

Storage Controller

  • UCSB-LSTOR-PT

PCIe adapter card

  • UCSC-SAS12GHBA

Memory

  • UCS-ML-1X324RU-G

  • UCS-ML-1X644RU-G

  • UCS-MR-1X081RV-A

  • UCS-MR-1X161RV-A

  • UCS-MR-1X322RV-A

  • UCS-ML-1X324RV-A

    Note 

    Requires Cisco UCS Manager Release 2.2(7c) or later releases.

  • UCS-ML-1X644RV-A

    Note 

    Requires Cisco UCS Manager Release 2.2(7c) or later releases.

Drives

  • UCS-SD400GBK9

  • UCS-HD1T7KL12G

  • UCS-HD2T7KL12G

  • UCS-HD4T7KL12G

  • UCS-HD2T7KL6GA

  • UCS-HD10T7KL4K

  • UCS-HD4TBK9

  • A03-D300GA2

  • A03-D600GA2

  • UCS-HDD900GI2F106

  • UCS-SD16TBKS4-EV

GPU

  • UCSB-GPU-M6

    Note 

    UCSB-GPU-M6 Requires Cisco UCS Manager 2.2(7b) or later releases.

  • UCSC-GPU-M60

Crypto Card

  • CSB-MEZ-INT8955

NVME Drives

  • UCS-SDHPCIE800GB

  • UCS-SDHPCIE1600GB

Note 

For 1.6 TB HGST NVME drives, when used with B200-M4 blade servers, the minimum required board controller version is 12, which is bundled with Cisco UCS Manager Release 2.2(7b)B.

Qlogic network adapters

  • UCSC-PCIE-QNICBT

  • UCSC-PCIE-QNICSFP

Cisco UCS VIC adapters

  • UCSC-PCIE-C40Q-03

  • UCSC-MLOM-C40Q-03

Memory

  • UCS-ML-1X324RU-A

  • UCS-MR-1X081RU-G

  • UCS-MR-1X162RU-A

  • UCS-MR-1X162RU-G

  • UCS-MR-1X322RU-G

  • UCS-MR-2X162RY-E

2.2(6j)

2.2(6i)

2.2(6g)

2.2(6f)

ucs-catalog.2.2.6f.T.bin

2.2(6e)

ucs-catalog.2.2.6e.T.bin

  • UCS-SD480GBKS4-EV

  • UCS-SD16TBKS4-EV

  • UCS-HD600G10KS4K

  • UCS-MR-2X162RY-E

  • UCS-SD480G12S3-EP

  • UCS-SD120GBKS4-EV

  • UCS-SD16TB12S3-EP

2.2(6d)

2.2(6c)

ucs-catalog.2.2.6c.T.bin

Additional Memory

  • UCS-ML-1X324RU-A

  • UCS-ML-1X324RU-G

  • UCS-ML-1X648RU-G

  • UCS-MR-1X162RY-A

  • UCS-MR-2X162RX-C

  • UCS-MR-2X162RY-E

Drives

  • UCS-HD12TB10K12G

  • UCS-HD1T7K12G

  • UCS-HD1T7K6GA

  • UCS-HD2T7K12G

  • UCS-HD2T7KL12G

  • UCS-HD300G10K12G

  • UCS-HD300G15K12G

  • UCS-HD450G15K12G

  • UCS-HD4T7KL12G

  • UCS-HD600G10K12G

  • UCS-HD600G15K12G

  • UCS-HD8T7KL4K

  • UCS-HD900G10K12G

  • UCS-SD16TB12S3-EP

  • UCS-SD16TB12S4-EP

  • UCS-SD16TBKS4-EV

  • UCS-SD240GBKS4-EV

  • UCS-SD38TBKS4-EV

  • UCS-SD400G12S4-EP

  • UCS-SD480G12S3-EP

  • UCS-SD480GBKS4-EV

  • UCS-SD800G12S4-EP

  • UCS-SD960GBKS4-EV

2.2(5d)

2.2(5c)

ucs-catalog.2.2.5b.T.bin

2.2(5b)

Cisco UCS B420 M4 (UCSB-B420-M4)

  • Memory: UCS-MR-1X648RU-A

2.2(5a)

ucs-catalog.2.2.5a.T.bin

Cisco UCS B420 M4 (UCSB-B420-M4)

CPU

  • UCS-CPU-E5-4660D

  • UCS-CPU-E5-4650D

  • UCS-CPU-E5-4640D

  • UCS-CPU-E5-4620D

  • UCS-CPU-E5-4610D

  • UCS-CPU-E5-4669D

  • UCS-CPU-E5-4667D

  • UCS-CPU-E5-4655D

  • UCS-CPU-E5-4627D

Memory

  • UCS-MR-1X322RU-A

  • UCS-MR-1X162RU-A

  • UCS-MR-1X081RU-A

Cisco UCS B260 M4 (UCSB-B260-M4) and Cisco UCS B460 M4 (UCSB-B460-M4)

CPU

  • UCS-CPU-E78890D

  • UCS-CPU-E78880D

  • UCS-CPU-E78870D

  • UCS-CPU-E78860D

  • UCS-CPU-E74850D

  • UCS-CPU-E74830D

  • UCS-CPU-E74820D

  • UCS-CPU-E74809D

  • UCS-CPU-E78891D

  • UCS-CPU-E78893D

  • UCS-CPU-E78880LD

  • UCS-CPU-E78867D

Memory

  • UCS-MR-2X082RY-E

  • UCS-MR-2X162RY-E

  • UCS-ML-2X324RY-E

  • UCS-ML-2X648RY-E

Cisco UCS C460 M4 (UCSC-C460-M4)

CPU

  • UCS-CPU-E74809D

  • UCS-CPU-E74820D

  • UCS-CPU-E74830D

  • UCS-CPU-E74850D

  • UCS-CPU-E78860D

  • UCS-CPU-E78867D

  • UCS-CPU-E78870D

  • UCS-CPU-E78880D

  • UCS-CPU-E78880LD

  • UCS-CPU-E78890D

  • UCS-CPU-E78891D

  • UCS-CPU-E78893D

Memory

  • UCSC-MRBD2-12

  • UCS-MR-1X081RU-G

  • UCS-MR-1X162RU-G

  • UCS-MR-1X322RU-G

Storage Controller

  • UCSC-MRAIDC460

  • UCSC-MRAID12G

GPU

  • UCSC-GPU-K80

2.2(4c)

Additional Cisco UCS B200 M4

  • UCS-MR-1X648RU-A

2.2(4b)

ucs-catalog.2.2.4b.T.bin1

Additional Cisco UCS B200 M4, C220 M4, and C240 M4 Memory

  • UCS-MR-1X322RU-A

Additional Cisco UCS C220 M4, and C240 M4 Memory

  • UCS-MR-1X648RU-A

Adapters

  • UCSC-MLOM-C10T-02

  • UCSC-PCIE-C10T-02

  • UCSC-PCIE-Q8362

Drives

  • UCS-HD18TB10KS4K

  • UCS-HD600G10KS4K

Fabric Extender

  • N2K-C2232TM-E-10GE

2.2(3l)

2.2(3k)

2.2(3j)

2.2(3h)

ucs-catalog.2.2.3d.T.bin

2.2(3g)

ucs-catalog.2.2.3c.T.bin

2.2(3f)

2.2(3e)

2.2(3d)

ucs-catalog.2.2.3b.T.bin1

2.2(3c)

Additional Cisco UCS B200 M4 CPUs

  • UCS-CPU-E52640D

  • UCS-CPU-E52630D

  • UCS-CPU-E52630LD

  • UCS-CPU-E52623D

  • UCS-CPU-E52620D

  • UCS-CPU-E52609D

  • UCS-CPU-E52637D

  • UCS-CPU-E52650LD

2.2(3b)

2.2(3a)

ucs-catalog.2.2.3a.T.bin1

Cisco UCS B200 M4 (UCSB-B200-M4)

CPU

  • UCS-CPU-E52699D

  • UCS-CPU-E52698D

  • UCS-CPU-E52697D

  • UCS-CPU-E52695D

  • UCS-CPU-E52690D

  • UCS-CPU-E52683D

  • UCS-CPU-E52680D

  • UCS-CPU-E52670D

  • UCS-CPU-E52667D

  • UCS-CPU-E52660D

  • UCS-CPU-E52658D

  • UCS-CPU-E52650D

  • UCS-CPU-E52643D

Memory

  • UCS-MR-1X081RU-A

  • UCS-MR-1X162RU-A

  • UCS-ML-1X324RU-A

Fusion IO Memory

  • UCSB-F-FIO-1300MP

  • UCSB-F-FIO-1600MS

Cisco UCS C220 M4 (UCSC-C220-M4) and Cisco UCS C240 M4 (UCSC-C240-M4)

CPU

  • UCS-CPU-E5-2620

  • UCS-CPU-E5-2630

  • UCS-CPU-E5-2630L

  • UCS-CPU-E5-2640

  • UCS-CPU-E5-2643

  • UCS-CPU-E5-2650

  • UCS-CPU-E5-2650L

  • UCS-CPU-E5-2660

  • UCS-CPU-E5-2665

  • UCS-CPU-E5-2670

  • UCS-CPU-E5-2680

  • UCS-CPU-E5-2690

Memory

  • UCS-MR-1X081RU-A

  • UCS-MR-1X162RU-A

  • UCS-ML-1X324RU-A

2.2(2e)

2.2(2d)

2.2(2c)

ucs-catalog.2.2.2c.T.bin1

Cisco UCS B22 M3 (UCSB-B22-M3)

CPU

  • UCS-CPU-E52470B

  • UCS-CPU-E52450B

  • UCS-CPU-E52440B

  • UCS-CPU-E52430LB

  • UCS-CPU-E52403B

  • UCS-CPU-E52420B

  • UCS-CPU-E52407B

Memory

  • UCS-ML-1X324RY-A

  • UCS-MR-1X162RY-A

  • UCS-MR-1X082RY-A

  • UCS-MR-1X041RY-A

Cisco UCS B260-M4 (UCSB-EX-M4-1)

CPU

  • UCS-CPU-E78893B

  • UCS-CPU-E78891B

  • UCS-CPU-E78880LB

  • UCS-CPU-E78857B

  • UCS-CPU-E74890B

  • UCS-CPU-E74880B

  • UCS-CPU-E74870B

  • UCS-CPU-E74860B

  • UCS-CPU-E74850B

  • UCS-CPU-E74830B

  • UCS-CPU-E74820B

  • UCS-CPU-E74809B

  • UCS-CPU-E72890B

  • UCS-CPU-E72880B

  • UCS-CPU-E72870B

  • UCS-CPU-E772850B

Memory

  • UCS-ML-2X324RY-E

  • UCS-MR-2X162RY-E

  • UCS-MR-2X082RY-E

Cisco UCS B420-M3 (UCSB-B420-M3)

CPU

  • UCS-CPU-E54603B

  • UCS-CPU-E54627B

  • UCS-CPU-E54610B

  • UCS-CPU-E54650B

  • UCS-CPU-E54607B

  • UCS-CPU-E54620B

  • UCS-CPU-E54640B

  • UCS-CPU-E54657LB

Memory

  • UCS-ML-1X324RZ-A

  • UCS-MR-1X162RZ-A

  • UCS-MR-1X082RZ-A

Cisco UCS B460-M4 (UCSB-EX-M4-1)

CPU

  • UCS-CPU-E74809B

  • UCS-CPU-E74820B

  • UCS-CPU-E74830B

  • UCS-CPU-E74850B

  • UCS-CPU-E74860B

  • UCS-CPU-E74870B

  • UCS-CPU-E74880B

  • UCS-CPU-E74890B

  • UCS-CPU-E78857B

  • UCS-CPU-E78880LB

  • UCS-CPU-E78891B

  • UCS-CPU-E78893B

Memory

  • UCS-ML-2X324RY-E

  • UCS-MR-2X082RY-E

  • UCS-MR-2X162RY-E

2.2(1h)

2.2(1g)

2.2(1f)

2.2(1e)

ucs-catalog.2.2.1d.T.bin

2.2(1d)

ucs-catalog.2.2.1d.T.bin1

ucs-catalog.2.2.1d.T.bin1

UCS-HD12T10KS2-E

UCS-ML-1X324RY-A

UCS-MR-2X041RY-B

UCS-MR-2X082RY-B

ucs-catalog.2.2.1c.T.bin1

UCS-MR-1X041RY-A

UCS-MR-1X082RY-A

UCS-MR-1X082RZ-A

UCS-MR-2X041RX-C

UCS-MR-2X082RX-C

UCS-MR-2X162RX-C

2.2(1c)

ucs-catalog.2.2.1b.T.bin

2.2(1b)

ucs-catalog.2.2.1b.T.bin

UCS-ML-1X324RZ-A

UCS-SD200G0KS2-EP

UCS-SD400G0KS2-EP

UCS-SD800G0KS2-EP

UCSB-5108-AC2

UCSB-5108-DC2

1 Available for separate download.

Further details are in the Cisco UCS Manager Configuration Guides.

New Hardware Features in Release 2.2

New Hardware Features in Release 2.2(8m)

None

New Hardware Features in Release 2.2(8l)

None

New Hardware Features in Release 2.2(8j)

None

Release 2.2(8f) adds support for the following:

  • Cisco C220, C240, B200, B420, and S3260 shipping with Intel® Xeon® Processor E5 2699A v4 series CPU

Release 2.2(8c) adds support for the following:

  • Cisco UCS B260 and B460 M4 shipping with Intel® Xeon® Processor E7-4800 v4 and E7-8800 v4 series CPUs

  • Cisco UCS C460 M4 shipping with Intel® Xeon® Processor E7-8800 v4 series CPUs

Release 2.2(8a) adds support for the following:

  • Cisco UCS B420 M4 shipping with Intel® Xeon® Processor E5-4600 v4 series CPUs

  • Trusted Platform Module (TPM) 2.0 for B260, B420, B460 and C460 M4 servers

Release 2.2(7b) adds support for the following:

  • Cisco UCS B200 M4, C220 M4, and C240 M4 shipping with the Intel® Xeon® Processor E5-2600 v4 series CPUs on Cisco UCS 6100 and 6200 Series fabric interconnects

  • NVIDIA Tesla M6 GPU accelerator for B200 M4 servers

  • NVIDIA Tesla M60 GPU accelerator for C-Series Servers

  • UCSB-LSTOR-PT storage controller

  • SX350 Fusion IO adapters:

    • UCSC-F-S32002

    • UCSC-F-S13002

    • UCSC-F-S16002

    • UCSC-F-S64002

  • UCSC-SAS12GHBA PCIe adapter card

  • UCS-RAID9286CV-8E RAID controller

  • UCSC-C240-M4SNEBS

  • PCIe SSD on B200 M4 servers

  • Trusted Platform Module (TPM) 2.0

  • QLogic QLE8442 10Gb Dual port 10GBaseT network adapter

  • QLogic QLE8442 10Gb Dual port SFP+ network adapter

  • Cisco UCS VIC 1385 and VIC 1387 network adapters

  • Emulex OCE14102 B network adapter

Release 2.2(5a) adds support for the following:

  • Cisco UCS B420 M4 servers shipping with Intel E5-4600 v3 series CPUs

  • Cisco UCS B260 M4 and B460 M4 servers shipping with Intel E7-4800 v3 series or E7-8800 v3 series CPUs

  • Cisco UCS C460 M4 servers shipping with Intel E7-4800 v3 series and E7-8800 v3 series CPUs

  • Cisco 12G SAS Modular RAID Controller (12-port)

  • Cisco 12G SAS Modular RAID Controller support for Cisco UCS C460 M4 servers

  • NVIDIA Tesla K80 GPU accelerator for C-Series servers

Release 2.2(4b) adds support for the following:

  • Cisco UCS VIC 1227T adapter modular LOM (mLOM) for Cisco UCS C220 M4 and C240 M4 servers

  • Cisco UCS VIC 1225T adapter for C-Series servers1

  • Cisco UCS VIC 1340 and VIC 1380 adapters for Cisco UCS B420 M3 server2

  • Cisco UCSC-PCIE-Q8362 adapter for all M3 and M4 C-Series servers

  • Cisco Nexus 2232TM-E 10GE Fabric Extender with support for Cisco UCS VIC 1225T and VIC 1227T adapters.

1 Except for Cisco UCS C22 M3, C24 M3 and C420 M3 servers

2 Cisco UCS VIC 1340 and VIC 1380 adapters only support Cisco 6200 Series Fabric Interconnects and later models.

Release 2.2(3a) adds support for the following:

  • Cisco UCS B200 M4 servers shipping with Intel E5-2600 v3 series CPUs

  • Cisco UCS C220 M4/C240 M4 servers shipping with Intel E5-2600 v3 Series CPUs

  • Cisco UCS VIC 1227 adapter modular LOM (mLOM) for Cisco UCS C220 M4 and C240M4 servers

  • Cisco UCS VIC 1340 and VIC 1380 adapters for Cisco UCS B200 M3, B200 M4, B260 M4, and B460 M4 servers2

  • Fusion IO ioMemory for B-series and C-series servers

  • LSI Nytro MegaRaid NMR 8110-4i for C240 M3 server

  • NVIDIA Tesla K40 GPU accelerator for C-Series Servers

  • Emulex OCE14102 CNA

  • FX3S Support

  • 10GB TwinAx cables (2m)

  • 10GB AOC cables (1m, 2m, 3m, 5, 7m, and 10m)

Release 2.2(2c) adds support for the following:

  • B22 M3 servers shipping with Intel E5-2400 v2 CPUs.

  • B420 M3 servers shipping with Intel E5-4600 v2 CPUs.

  • B260 M4 servers shipping with two Intel E7-2800 v2 or E7-4800 v2 or E7-8800 v2 CPUs.

  • B460 M4 servers shipping with four Intel E7-4800 v2 or E7-8800 v2 CPUs.

  • C22 M3/C24 M3 servers shipping with Intel E5-2400 v2 CPUs.

  • C460 M4 servers shipping with two or four Intel E7-4800 v2 or E7-8800 v2 CPUs.

  • Chassis with updated backplane and High Voltage DC support (200v DC - 380v DC) - UCSB-5108-HVDC

Release 2.2(1b) adds support for the following:

  • Chassis with updated backplane UCSB-5108-AC2 or UCSB-5108-DC2

New Software Features in Release 2.2

New Software Features in Release 2.2(8m)

None

New Software Features in Release 2.2(8l)

None

New Software Features in Release 2.2(8j)

None

Release 2.2(8a) adds support for the following:

  • Next Boot—The maintenance policy now provides an On Next Boot option. This option is used in combination with either User Ack or Timer Automatic. With the On Next Boot option enabled, one of the following conditions can trigger the associated FSM to apply the changes waiting for the User Ack, or the Timer Automatic maintenance window.

    • If the host OS reboots, shuts down, or resets, initiated from an external, non-UCS source

    • If the server resets, or shuts down

  • Graceful shutdown—When you acknowledge a server reboot using the graceful shut down options or a change in the service profile that requires the server reboot, Cisco UCS Manager waits until the time specified time in the maintenance policy before performing a hard shut down.

  • Health monitoring of end points—Enhanced health monitoring of end points for fabric interconnects, IOMs, FEXes, blade servers, and rack servers.

  • Power synchronization between servers and their associated service profiles—Cisco UCS Manager includes a global (default) power sync policy to synchronize the power state between the associated service profiles and the servers when the desired power state of the service profile differs from the actual power state of the server. The power sync policy applies to all the service profiles by default. You can edit the default policy, but cannot delete it. You can also create your own policies and apply them to service profiles.

  • Factory reset of blade servers—You can now reset a blade server to its factory settings. By default, the factory reset operation does not affect storage drives and flexflash drives. This is to prevent any loss of data. However, you can also choose to reset these devices to a known state.

  • Support for 160 LDAP group maps—Cisco UCS Manager now supports a maximum of 160 LDAP group maps.

  • Virtual Volume Support—Virtual volume support is now supported for ESXi 5.5 and higher.

Release 2.2(7b) adds support for the following:

  • Firmware Upgrade Checks the VIF/Interface Status After Fabric Interconnect Reboot—During firmware upgrade, to ensure proper functioning of all services on the fabric interconnect, it is essential to ensure that port configurations and services that go down when the fabric interconnect reboots are re-established after the fabric interconnect comes back up. Cisco UCS Manager displays any service that is not re-established after the last reboot of a fabric interconnect.

  • vNIC Redundancy Pair— Supports two vNICs/vHBAs that are being configured with a common set of parameters through the vNIC/vHBA template pair. This prevents the configuration between two vNICs/vHBAs from going out of sync. Multiple vNIC/vHBA pairs can be created from the same vNIC/vHBA template pair.

  • Ability to perform UCS Manager initial configuration without console connectivity based on DHCP lease availability.

  • Preserving the following properties during backup or import operations:

    • User-defined labels for Chassis, FEX, Rack Servers, IOMs and Blade Servers

    • Assigned IDs for Chassis, FEX and Rack Servers

  • Locator LED support for server hard-disks—You can now identify where a specific disk is inserted in a blade or rack server using the local locator LED.

  • When you add new servers or adapters to an existing Cisco UCS system with a Cisco UCS Manager release that does not support these servers and adapters, discovery of the system may fail. In case of such a failure, the FSM will display an error message that the server or adapter is not supported on the current UCS firmware version. To resolve this issue, do one of the following:

    • Update the Capability Catalog to the latest compatible release

    • Upgrade the Cisco UCS Manager infrastructure firmware to the version required by the new hardware.

  • Provision to Reset Peer I/O Modules to Factory Defaults—Sometimes, I/O module upgrades can result in failures or I/O modules can become unreachable from Cisco UCS Manager due to memory leaks. You can now reboot an I/O module that is unreachable through its peer I/O module.

    Resetting the I/O module restores the I/O module to factory default settings, deletes all cache files and temporary files, but retains the size-limited OBFL file.

  • vNIC template CDN Source—Enables you to select the Consistent Naming Device (CDN) Source as the vNIC Name, which in turn can either be customized or derived from the vNIC instance.

  • NVMe PCIe SSD Inventory—Cisco UCS Manager discovers, identifies, and displays the inventory of Non-Volatile Memory Express (NVMe) Peripheral Component Interconnect Express (PCIe) SSD storage devices. You can view the health of the storage devices in the server. NVMe with PCIe SSD storage devices reduce latency, increase input/output operations per second (IOPS), and lower power consumption compared to SAS or SATA SSDs.

  • PCH SSD Controller Definition—Cisco UCS Manager Platform Controller Hub (PCH) Solid State Drive (SSD) Controller Definition provides a local storage configuration in storage profiles where you can configure all the disks in a single RAID or in a JBOD disk array.

  • Host Firmware Package Enhancement—You can now exclude firmware of specific components from a host firmware package either when creating a new host firmware package or when modifying an existing host firmware package. For example, if you do not want to upgrade RAID controller firmware through the host firmware package, you can exclude RAID controller firmware from the list of firmware package components.

    Local disk firmware is excluded from the host firmware package by default.

  • Installed Firmware Tab Enhancement—The Installed Firmware tab now displays all the firmware available on the blade server, including SAS controller firmware, FlexFlash controller firmware, and Disk firmware.

  • Provision to suppress VIF down alert—When a blade server that is associated with a service profile is shut down, the VIF down alert F0283 and F0479 are automatically suppressed.

  • EFI Shell as a Boot Device—You can create a boot policy with an EFI Shell as the boot device. Booting from an EFI Shell prevents loss of data and provides more options to script, debug, and control various booting scenarios. EFI Shell is supported as a boot device only in the Uefi boot mode.

  • Multicast Hardware Hash—In a port channel, by default, ingress multicast traffic on any port in the fabric interconnect (FI) selects a particular link between the IOM and the fabric interconnect to egress the traffic. To reduce potential issues with the bandwidth, and to provide effective load balancing of the ingress multicast traffic, hardware hashing is used for multicast traffic. When multicast hardware hashing is enabled, all links between the IOM and the fabric interconnect in a port channel can be used for multicast traffic.

  • Reset All Memory Errors—Provides the ability to clear all the errors from the UCS Manager.

  • CPLD Update of the UCSB-MRAID12G Storage Controller—Starting with Cisco UCS Manager Release 2.2(7b), the infrastructure bundle now supports a CPLD component update. The CPLD update for the UCSB-MRAID12G storage controller can be triggered by doing one of the following:

    • Re-acknowledging the server—If the server did not go through a deep-assoc after upgrading to the Cisco UCS Manager 2.2(7) or later releases.

    • Updating the associated HFP with a supported B bundle—If the server was associated after upgrading to the Cisco UCS Manager 2.2(7) or later releases.

  • VM-FEX Support—Support for ESX VM-FEX added. The support matrix in the Hardware and Software Interoperability Matrix for this release provides more details.

  • SHA-2 Certificate Support—Support for SHA-2 certificate added.

Release 2.2(6c) adds support for the following:

  • KVM—The Virtual Media > Activate Virtual Devices is available.

Release 2.2(4b) adds support for the following:

  • Server Pack—This feature allows you to support new server platforms* on existing infrastructure without requiring a complete firmware upgrade. In this model, new B/C server bundles enabling the new servers will be supported on the previous infrastructure A bundle. For example, Release 2.2(5) B/C server bundles are supported with Release 2.2(4) infrastructure A bundle as highlighted in Updating Cisco UCS Releases. New features introduced in the B/C bundles may only become available after upgrading the A bundle to the respective version.

    The Server Pack feature provides the additional flexibility of adding new server platforms to active UCS domains without incurring the operational overhead of upgrading firmware across the whole domain.

    *The feature will apply to select server platforms.

  • RDMA over Converged Ethernet (RoCE) for Microsoft SMB Direct—RoCE is a link layer protocol, and hence, it enables communication between any two hosts in the same Ethernet broadcast domain. RoCE delivers superior performance compared to traditional network socket implementations because of lower latency, lower CPU utilization and higher utilization of network bandwidth.

    RoCE for Microsoft SMB Direct is supported only on Windows 2012 R2 with Cisco UCS VIC 1340 and 1380 adapters.

  • LLDP Support for Fabric Interconnect vEthernet Interfaces—You can enable and disable LLDP on a vEthernet interface and retrieve information about LAN uplink neighbors. When using Cisco UCS with Cisco Application Centric Infrastructure (ACI), LAN uplinks of the Fabric Interconnect are connected to ACI leaf nodes. Enabling LLDP on a vEthernet interface will help the Application Policy Infrastructure Controller (APIC) to identify the servers connected to the Fabric Interconnect by using vCenter.

  • Policy-Based Port Error Handling—If Cisco UCS Manager detects any errors on active IOM Network Interface (NIF) ports, and if the Error-disable setting is enabled, Cisco UCS Manager automatically disables the respective FI port that is connected to the IOM NIF port that had errors.

    When a FI port is error disabled, it is effectively shut down and no traffic is sent or received on that port.

  • Advanced Local Storage Configuration:

    • Configuration of Storage Profiles and multiple virtual drives—To allow flexibility in defining the number of storage disks, roles and usage of these disks, and other storage parameters, you can create and use storage profiles. A storage profile encapsulates the storage requirements for one or more service profiles. You can also configure multiple virtual drives.

    • Configuration of a local LUN or a JBOD as the primary boot device

    • Support for local storage configuration on multiple storage controllers

    • Support for out-of-band configuration for local storage

  • Pass-through Capability for Gen 3 Fusion IO Mezzanine Cards—Cisco UCS Manager now supports the pass-through capability of Gen 3 Fusion IO Mezzanine cards for blade servers. Pass-through for Mezzanine cards is a hardware capability that extends the available ports for the Cisco UCS VIC 1340 or VIC 1240 adapter though the Mezzanine slot, and brings the total I/O bandwidth of the VIC 1340 or VIC 1240 adapters to dual 4 x 10 GbE.

  • Fabric Interconnect Traffic Evacuation—During upgrade, you can evacuate the secondary Fabric Interconnect traffic to ensure that there is no traffic flowing through the Fabric Interconnect from all servers attached to it through an IOM or FEX. This allows you to ensure that traffic will properly failover to the other Fabric Interconnect before you can proceed with the firmware upgrade.

  • Per Fabric Interconnect Chassis Reacknowledgment—You can now reacknowledge a chassis per Fabric Interconnect. This allows you to maintain connectivity to the chassis through the other Fabric Interconnect.

  • TPM and TXT Configuration through UCSM—The Trusted Platform Module (TPM) is a component that can securely store artifacts, such as passwords, certificates, or encryption keys, which are used to authenticate the server. A TPM can also be used to store platform measurements that help ensure that the platform remains trustworthy. Intel Trusted Execution Technology (TXT) provides greater protection for information that is used and stored on the server.

    This release supports TPM and TXT configuration on Cisco UCS M4 blade and rack-mount servers through Cisco UCS Manager. TPM is enabled by default and TXT is disabled by default.

  • Consistent Device Naming Support—Consistent Device Naming (CDN) allows Ethernet interfaces to be named in a consistent manner. This makes Ethernet interface names more persistent when adapter or other configuration changes are made.


    Note

    CDN is supported only on Windows 2012 R2.


  • Fabric Scale Improvements—Each Cisco UCS domain now supports:

    • Up to 8 appliance ports

    • 320 endpoints

    • Up to 320 vHBAs per Fabric Interconnect

  • Scriptable vMedia:

    • You can configure the file name of the vMedia mount image to use the name of the service profile with which the vMedia policy is associated.

    • You can specify the authentication protocol to be used when you select CIFS as the communication protocol with the remote server.

  • Support for Service Profile Migration with UEFI Boot Mode—When a service profile is migrated from one server to another, the BIOS on the destination server will continue to load the boot loader information and boot in UEFI boot mode.

  • NVGRE with IPv6 and VMQ—You can enable NVGRE with VMQ and NVGRE with IPv6 on the same vNIC.

  • usNIC Support with Intel® MPI—Intel® Message Passing Interface (MPI) is developed for high performance computing. You can now use the Intel MPI Library version 4 or 5 with Cisco user-space NIC (Cisco usNIC) for a low-latency and high-throughput communication transport.

  • Other Enhancements:

    • While the infrastructure firmware is being upgraded, an automatic, internal, full state backup file is created.

    • When creating an SNMP trap, you can use an IPv4 address, or an IPv6 address, or a fully qualified domain name of an IPv4 address as the SNMP host name.

    • A new tech-support memory option is introduced to create a tech-support file with only server memory information gathered across the Cisco UCS domain.

    • When creating a server pool qualification policy, you can now specify the storage disk type as HDD, SSD or unspecified.

Release 2.2(3c) adds support for the following:

  • QPI snoop mode via Service Profile

Release 2.2(3a) adds support for the following:

  • Tiered Port-Licensing for direct-connect C-Series servers

  • Smart Call Home Enhancements

  • BIOS/CIMC secure boot support for C-series servers

  • DIMM blacklisting support for C-series servers

  • ENIC - DPDK Integration

  • Stateless Offload for Overlay Networks (NVGRE / VXLAN)

  • Monitoring of the IOM/FI interfaces

  • LAN and SAN topology information

  • usNIC support for IP-routable transport

Release 2.2(2c) adds support for the following:

  • Scriptable vMedia

  • NetFlow support

  • PVLAN Enhancements

  • Pre-Upgrade Validation Checks

  • GPU Firmware Management

  • Wear-Level Monitoring on Flash Adapters

  • KVM/vMedia Client Enhancements

  • Cisco VIC Driver Enhancements:

    • Adaptive Interrupt Coalescing (AIC)

    • Accelerated Receive Flow Steering (ARFS)

    • netQueue Support

  • Support for ‘lacp suspend-individual’ on Uplink Port-Channel

Release 2.2(1b) adds support for the following:

  • IPv6 Management support

  • Cisco Integrated Management Controller (CIMC) In-band Management

  • Fabric scaling: VLAN, VIFs, IGMP, Network Adapter Endpoints

  • Uni-Directional Link Detection (UDLD) support

  • User Space NIC (usNIC) for Low Latency

  • Support for Virtual Machine Queue (VMQ)

  • C-Series Servers Direct Connect to FI without FEX

  • Two-factor Authentication for UCS Manager Logins

  • VM-FEX for Hyper-V Management with Microsoft SCVMM

  • Direct KVM Access

  • Server Firmware Auto Sync

  • Enhanced Local Storage Management

  • Flash Adapters and HDD Firmware Management

  • Precision Boot Order Control

  • Secure Boot (B-series only)

  • UEFI Boot Support

  • FlexFlash (Local SD card) support

  • Trusted Platform Module (TPM) Inventory

  • DIMM Blacklisting and Correctable Error Reporting (B-series only)

  • C-Series Board Controller Firmware Management


Note

If you want to refer to a list of supported OS in this release, check the Hardware and Software Interoperability Matrix for this release.


Security Fixes

The following are security fixes in Cisco UCS Manager Release 2.2:

Table 6. Security Fixes in Release 2.2

Release

Defect ID

CVE (s)

Description

2.2(8m)

CSCvc22208

CVE-2018-0303

A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root, or cause a denial of service (DoS) condition on the affected device.

The vulnerability exists because of insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to a Layer 2 adjacent affected device. A successful exploit could allow the attacker to cause a buffer overflow, which could allow the attacker to execute arbitrary code as root, or cause a denial of service (DoS) condition on the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Cisco FXOS and NX-OS Software Cisco Discovery Protocol Arbitrary Code Execution Vulnerability

2.2(8m)

CSCve02433

CVE-2018-0314

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the device, which could allow the attacker to execute arbitrary code on the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability

2.2(8m)

CSCve02461

CSCve41538

CVE-2018-0304

CVE-2018-0310

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory content, create a denial of service (DoS) condition, or execute arbitrary code as root.

The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packet headers. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow or buffer overread condition in the Cisco Fabric Services component, which could allow the attacker to obtain sensitive memory content, create a DoS condition, or execute arbitrary code as root.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

These advisories are available at the following links:

Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability

2.2(8m)

CSCve02787

CSCve02819

CVE-2018-0308

CVE-2018-0312

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device.

The vulnerability exists because the affected software insufficiently validates header values in Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, which could allow the attacker to execute arbitrary code or cause a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

These advisories are available at the following links:

Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability

Cisco FXOS and NX-OS Software Cisco Fabric Services Arbitrary Code Execution Vulnerability

2.2(8m)

CSCve41541

CSCve41593

CVE-2018-0311

CVE-2018-0305

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

The vulnerability exists because the affected software insufficiently validates Cisco Fabric Services packets when the software processes packet data. An attacker could exploit this vulnerability by sending a maliciously crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to force a NULL pointer dereference or cause a buffer overflow condition on the device, which could cause process crashes and result in a DoS condition on the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

These advisories are available at the following links:

Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

2.2(8m)

CSCvg71290

CVE-2018-0291

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly.

The vulnerability is due to improper validation of SNMP protocol data units (PDUs) in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Cisco NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

2.2(8m)

CSCvj10183

CVE-2019-1616

A vulnerability in the Cisco Fabric Services component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition.

The vulnerability is due to insufficient validation of Cisco Fabric Services packets. An attacker could exploit this vulnerability by sending a crafted Cisco Fabric Services packet to an affected device. A successful exploit could allow the attacker to cause a buffer overflow, resulting in process crashes and a DoS condition on the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability

2.2(8m)

CSCvm53116

CVE-2019-1599

A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.

The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could exploit this vulnerability by sending crafted TCP streams to an affected device in a sustained way. A successful exploit could cause the network stack of an affected device to run out of available buffers, impairing operations of control plane and management plane protocols, resulting in a DoS condition.

This advisory is available at the following link:

Cisco NX-OS Software Netstack Denial of Service Vulnerability

2.2(8m)

CSCvn61411

A vulnerability in the diagnostic CLI command of the Cisco UCS 6200 Series Fabric Interconnects may allow an authenticated local attacker to view sensitive information in the command output.

The vulnerability is due to lack of proper masking of sensitive information before being written to the diagnostic support output. An attacker may exploit this vulnerability by authenticating to the targeted device and issuing a specific diagnostic CLI command. However, an attacker needs a valid user credentials to exploit this vulnerability.

Cisco UCS Manager Release 2.2(8m) includes the fix for this issue. Password hashes that show in the CLI command are now hidden.

2.2(8m)

CSCvp28016

CSCvp27917

CSCvo21412

CSCvp30013

CVE-2018-12126

CVE-2018-12127

CVE-2018-12130

CVE-2019-11091

Cisco UCS M3 and M4 servers and Hyperflex M4 servers are vulnerable to variants of exploits that use Microarchitectural Data Sampling (MDS) to gain access to data being processed in the CPU by other applications.

  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling) affects store buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling) affects load buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling) affects line fill buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory) affects uncacheable memory in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for the follwing servers:

  • Cisco UCS M4 servers and Hyperflex M4 servers that are based on Intel® Xeon® Processor E5 v3 and v4 Product Family processors

  • Cisco UCS M4 servers and Hyperflex M4 servers that are based on Intel® Xeon® Processor E7 v2, v3, and v4 Product Family processors

  • Cisco UCS B-Series M3 Blade Servers that are based on Intel® Xeon®Sandy Bridge E5-2600 and Ivy Bridge E5 2600 v2 Product Family processors

These BIOS revisions include the updated microcode that is a required part of the mitigation for these vulnerabilities.

2.2(8m)

CSCvd34862

CVE-2018-0294

A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device.

The vulnerability exists because the affected software does not properly delete sensitive files when certain CLI commands are used to clear the device configuration and reload a device. An attacker could exploit this vulnerability by logging into an affected device as an administrative user and configuring an unauthorized account for the device. The account would not require a password for authentication and would be accessible only via a Secure Shell (SSH) connection to the device. A successful exploit could allow the attacker to configure an unauthorized account that has administrative privileges, does not require a password for authentication, and does not appear in the running configuration or the audit logs for the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Cisco FXOS and NX-OS Software Unauthorized Administrator Account Vulnerability

2.2(8m)

CSCvk70633

CVE-2019-1962

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause process crashes, which can result in a denial of service (DoS) condition on an affected system.

The vulnerability is due to insufficient validation of TCP packets when processed by the Cisco Fabric Services over IP (CFSoIP) feature. An attacker could exploit this vulnerability by sending a crafted CFS TCP packet to an affected device. A successful exploit could allow the attacker to cause process crashes, resulting in a device reload and a DoS condition.

Note: There are three distribution methods that can be configured for CFS. This vulnerability only affects distribution method CFSoIP, which is disabled by default. See the Security Advisory for more information.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Cisco NX-OS Software Cisco Fabric Services over IP Denial of Service Vulnerability

2.2(8m)

CSCvn52167

CVE-2019-1965

A vulnerability in the Virtual Shell (VSH) session management for Cisco NX-OS Software could allow an authenticated, remote attacker to cause a VSH process to fail to delete upon termination. This can lead to a build-up of VSH processes that overtime can deplete system memory. When there is no system memory available, this can cause unexpected system behaviors and crashes.

The vulnerability is due to the VSH process not being properly deleted when a remote management connection to the device is disconnected. An attacker could exploit this vulnerability by repeatedly performing a remote management connection to the device and terminating the connection in an unexpected manner. A successful exploit could allow the attacker to cause the VSH processes to fail to delete, which can lead to a system-wide denial of service (DoS) condition. The attacker must have valid user credentials to log in into the device via the remote management connection.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Cisco NX-OS Software Remote Management Memory Leak Denial of Service Vulnerability

2.2(8l)

CSCvm02934

CVE-2018-3615

CVE-2018-3620

CVE-2018-3646

Cisco UCS B-Series M2 servers and C-Series M2 servers are based on Intel® processors that are vulnerable to exploits that use CPU speculative processing and data cache timing to potentially identify privileged information. These exploits are collectively known as L1 Terminal Fault (L1TF).

  • CVE-2018-3615 (affecting SGX), also known as Foreshadow, is not known to affect any existing Cisco UCS servers because Cisco UCS M5 and earlier generation servers, and HyperFlex M5 and earlier generation servers do not use Intel® SGX technology.

  • CVE-2018-3620 (affecting OS/System Management Mode) and CVE-2018-3646 (affecting Virtual Machine Monitors) are referred to as L1 Terminal Fault attacks by Intel®. These vulnerabilities are mitigated by applying the updated processor microcode from Intel® included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M2 generation servers. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3620 (OS/SMM) and CVE-2018-3646 (VMM). Operating System and Hypervisor patches from the appropriate vendors may also be required to mitigate these vulnerabilities.

For more information, please see the Cisco Security Advisory available here:

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

2.2(8l)

CSCvm03356

CVE-2018-3615

CVE-2018-3620

CVE-2018-3646

Cisco UCS B-Series M3 servers and C-Series M3 servers are based on Intel® processors that are vulnerable to exploits that use CPU speculative processing and data cache timing to potentially identify privileged information. These exploits are collectively known as L1 Terminal Fault (L1TF).

  • CVE-2018-3615 (affecting SGX), also known as Foreshadow, is not known to affect any existing Cisco UCS servers because Cisco UCS M5 and earlier generation servers, and HyperFlex M5 and earlier generation servers do not use Intel® SGX technology.

  • CVE-2018-3620 (affecting OS/System Management Mode) and CVE-2018-3646 (affecting Virtual Machine Monitors) are referred to as L1 Terminal Fault attacks by Intel®. These vulnerabilities are mitigated by applying the updated processor microcode from Intel® included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M3 generation servers. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3620 (OS/SMM) and CVE-2018-3646 (VMM). Operating System and Hypervisor patches from the appropriate vendors may also be required to mitigate these vulnerabilities.

For more information, please see the Cisco Security Advisory available here:

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

2.2(8l)

CSCvm03351

CVE-2018-3615

CVE-2018-3620

CVE-2018-3646

Cisco UCS B-Series M4 servers, C-Series M4 servers, S3260 M4 storage servers, and HyperFlex M4 servers are vulnerable to exploits that use CPU speculative processing and data cache timing to potentially identify privileged information. These exploits are collectively known as L1 Terminal Fault (L1TF).

  • CVE-2018-3615 (affecting SGX), also known as Foreshadow, is not known to affect any existing Cisco UCS servers because Cisco UCS M5 and earlier generation servers, and HyperFlex M5 and earlier generation servers do not use Intel® SGX technology.

  • CVE-2018-3620 (affecting OS/System Management Mode) and CVE-2018-3646 (affecting Virtual Machine Monitors) are referred to as L1 Terminal Fault attacks by Intel®. These vulnerabilities are mitigated by applying the updated processor microcode from Intel® included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M4 generation servers. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3620 (OS/SMM) and CVE-2018-3646 (VMM). Operating System and Hypervisor patches from the appropriate vendors may also be required to mitigate these vulnerabilities.

For more information, please see the Cisco Security Advisory available here:

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

2.2(8l)

CSCvj54847

CSCvj54187

CVE-2018-3639

CVE-2018-3640

Cisco UCS M4 servers and Hyperflex M4 servers are based on Intel® processors that are vulnerable to variants of an exploit that uses CPU speculative processing and data cache timing to efficiently leak information, known as Spectre.

CVE-2018-3639 (Spectre/Variant #4) and CVE-2018-3640 (Spectre/Variant #3a) are addressed by applying the updated processor microcode from Intel included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M4 and Hyperflex M4 generation servers. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3639 (Spectre/Variant #4) and CVE-2018-3640 (Spectre/Variant #3a).

For more information, see the Cisco Software Advisory at:

CPU Side-Channel Information Disclosure Vulnerabilities: May 2018

2.2(8l)

CSCvj54880

CVE-2018-3639

CVE-2018-3640

Cisco UCS M3 servers are based on Intel® processors that are vulnerable to variants of an exploit that uses CPU speculative processing and data cache timing to efficiently leak information, known as Spectre.

CVE-2018-3639 (Spectre/Variant #4) and CVE-2018-3640 (Spectre/Variant #3a) are addressed by applying the updated processor microcode from Intel included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M3 generation servers. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3639 (Spectre/Variant #4) and CVE-2018-3640 (Spectre/Variant #3a).

For more information, see the Cisco Software Advisory at:

CPU Side-Channel Information Disclosure Vulnerabilities: May 2018

2.2(8l)

CSCvj59299

CSCvj59301

CVE-2018-3639

CVE-2018-3640

Cisco UCS M2 servers that are based on Intel® EP and EX Series processors are vulnerable to variants of an exploit that uses CPU speculative processing and data cache timing to efficiently leak information, known as Spectre.

CVE-2018-3639 (Spectre/Variant #4) and CVE-2018-3640 (Spectre/Variant #3a) are addressed by applying the updated processor microcode from Intel included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M2 servers that are based on Intel® EP and EX Series processors. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3639 (Spectre/Variant #4) and CVE-2018-3640 (Spectre/Variant #3a).

For more information, see the Cisco Software Advisory at:

CPU Side-Channel Information Disclosure Vulnerabilities: May 2018

2.2(8l)

CSCvb86743

CVE-2018-0302

A vulnerability in the CLI parser of Cisco FXOS Software and Cisco Unified Computing (UCS) Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device.

The vulnerability is due to incorrect input validation in the CLI parser subsystem. An attacker could exploit this vulnerability by exceeding the expected length of user input. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the affected system.

There are no workarounds that address this vulnerability.

Cisco has released software updates that address this vulnerability.

For more information, see the Cisco Security Advisory, which is available at the following link:

Cisco FXOS Software and UCS Fabric Interconnect Arbitrary Code Execution Vulnerability

2.2(8j)

CSCvh51224

CSCvg97965

CSCvg98015

CSCvg97979

CSCvh31576

CVE-2017-5715

CVE-2017-5753

CVE-2017-5754

Cisco UCS and Hyperflex servers are based on Intel processors that are vulnerable to exploits that use CPU speculative processing and data cache timing to potentially identify privileged information. These exploits are collectively known as Spectre and Meltdown.

  • CVE-2017-5754 (Meltdown) is addressed by applying the relevant Operating System patches from the appropriate vendors.

  • CVE-2017-5715 (Spectre/Variant 2) is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2017-5753 (Spectre/Variant 1) is addressed by applying relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M2, M3, and M4 generation servers. These BIOS revisions include the updated microcode that is a required part of the mitigation for CVE-2017-5715 (Spectre/Variant 2).

For more information, see the Cisco Security Advisory at https:/​/​tools.cisco.com/​security/​center/​content/​

CiscoSecurityAdvisory/​cisco-sa-

20180104-cpusidechannel.

2.2(8i)

CSCvb61637

CSCvb86764

CSCvb86775

CSCvb86797

CSCvb86816

CVE-2017-6600

CVE-2017-6601

CVE-2017-6602

CVE-2017-6598

CVE-2017-6597

A vulnerability in the CLI of the Cisco Unified Computing System Manager could allow an authenticated, local attacker to perform a command injection attack. The security vulnerabilities are addressed.

2.2(8i)

CSCvc37931

CVE-2017-6604

The following Cisco UCS Manager and Cisco Integrated Management Controller versions may be affected by the redirection vulnerabilities:

For Unified Computing System (UCS) B-Series M3 and M4 Blade Servers, this affects any of the 2.2(8) and 3.1(2) blade bundle versions. None of the 3.0 or 3.1(1) blade bundle versions are affected.

For Unified Computing System (UCS) C-Series M3 and M4 Rack Servers, this affects 3.0(1c) CIMC versions. None of the 1.5 or 2.0 CIMC versions are affected.

2.2(8i)

CSCuz52483

CVE-2016-2105

CVE-2016-2106

CVE-2016-2107

CVE-2016-2108

CVE-2016-2109

Cisco UCS Manager may be affected by the following vulnerabilities:

  • CVE-2016-2105 EVP_EncodeUpdate overflow

  • CVE-2016-2106 EVP_EncryptUpdate overflow

  • CVE-2016-2107 Padding oracle in AES-NI CBC MAC check

  • CVE-2016-2108 Memory corruption in the ASN.1 encoder

  • CVE-2016-2109 ASN.1 BIO excessive memory allocation

Cisco UCS Manager is not affected by the following vulnerability:

  • CVE-2016-2176 EBCDIC overread

2.2(8i)

CSCuu83383

CVE-2015-1788

CVE-2015-1789

CVE-2015-1790

CVE-2015-1791

CVE-2015-1792

CVE-2014-8176

The OpenSSL vulnerabilities with Cisco UCS Manager identified by the Common Vulnerability and Exposures (CVE) IDs listed are fixed.

2.2(8i)

CSCvc94686

CSCvc96103

CVE-2017-3731

The OpenSSL vulnerabilities with Cisco UCS Manager identified by the Common Vulnerability and Exposures (CVE) IDs listed are fixed.

Cisco UCS Manager 2.2 may be affected by the following vulnerability:

  • CVE-2017-3731 Truncated packet could crash via OOB read

Cisco UCS Manager is not affected by the following vulnerabilities:

  • CVE-2017-3730 DHE parameters cause a client crash

  • CVE-2017-3732 BN_mod_exp may produce incorrect results on x86_64

  • CVE-2017-3733 A truncated packet may cause the server or client to perform an out-of-bounds read

2.2(8i)

CSCvb48577

CSCvb48644

CVE-2016-2177

CVE-2016-2178

CVE-2016-2179

CVE-2016-2180

CVE-2016-2181

CVE-2016-2182

CVE-2016-2183

CVE-2015-4000

CVE-2016-6303

CVE-2016-6302

CVE-2016-6304

CVE-2016-6305

CVE-2016-6306

CVE-2016-6307

CVE-2016-6308

CVE-2016-6309

CVE-2016-7052

The latest CiscoSSL 6.1.188-fips (corresponding to OpenSSL 1.0.2k, and detailed in CSCvc94686) now automatically fixes the OpenSSL vulnerabilities identified by one or more of the Common Vulnerability and Exposures (CVE) IDs listed.

2.2(8i)

CSCux41398

CVE-2015-3194

CVE-2015-3195

The OpenSSL vulnerabilities with Cisco UCS Manager identified by the Common Vulnerability and Exposures (CVE) IDs listed are fixed.

Cisco Unified Computing System B-Series (Blade) Servers are affected by:

  • CVE-2015-3194

  • CVE-2015-3195

Cisco Unified Computing System B-Series (Blade) Servers are not affected by:

  • CVE-2015-1794

  • CVE-2015-3193

  • CVE-2015-3196

2.2(8i)

CSCvc88543

  • CVE-2016-0736

  • CVE-2016-2161

  • CVE-2016-5387

  • CVE-2016-8740

  • CVE-2016-8743

The following CVEs do not apply to Cisco UCS Manager 2.2(8) because the relevant modules are not compiled as part of the Apache HTTP server used in Cisco UCS Manager:

  • CVE-2016-0736

  • CVE-2016-2161

  • CVE-2016-5387

  • CVE-2016-8740

CVE-2016-8743 is only applicable when backend servers are used. This does not affect Cisco UCS Manager Release 2.2(8).

2.2(8i)

CSCvf27392

  • CVE-2017-3167

  • CVE-2017-3169

  • CVE-2017-7659

  • CVE-2017-7668

  • CVE-2017-7679

The Apache vulnerabilities with Cisco UCS Manager identified by the Common Vulnerability and Exposures (CVE) IDs listed are fixed.

2.2(8i)

CSCvd72179

  • CVE-2017-6464

  • CVE-2017-6462

  • CVE-2017-6463

  • CVE-2017-6458

  • CVE-2017-6451

  • CVE-2017-6460

  • CVE-2016-9042

  • CVE-2017-6455

  • CVE-2017-6452

  • CVE-2017-6459

  • CVE-2015-8138

  • CVE-2016-7431

Cisco UCS Manager included a version of NTPd that was affected by the vulnerability identified by one or more of the following Common Vulnerability and Exposures (CVE) IDs. These CVE IDs no longer impact any Cisco UCS Manager release:

  • CVE-2017-6464—NTP-01-016 NTP: Denial of Service via Malformed Config

  • CVE-2017-6462—NTP-01-014 NTP: Buffer Overflow in DPTS Clock

  • CVE-2017-6463—NTP-01-012 NTP: Authenticated DoS via Malicious Config Option

  • CVE-2017-6458—NTP-01-004 NTP: Potential Overflows in ctl_put() functions

  • CVE-2017-6451—NTP-01-003 Improper use of snprintf() in mx4200_send()

  • CVE-2017-6460—NTP-01-002 Buffer Overflow in ntpq when fetching reslist

  • CVE-2016-9042—Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability

Cisco UCS Manager is not affected by the following CVE IDs:

  • CVE-2017-6455—NTP-01-009 NTP: Windows: Privileged execution of User Library code

  • CVE-2017-6452—NTP-01-008 NTP: Windows Installer: Stack Buffer Overflow from Command Line

  • CVE-2017-6459—NTP-01-007 NTP: Windows Installer: Data Structure terminated insufficiently

  • CVE-2015-8138—Zero Origin Timestamp Bypass

  • CVE-2016-7431—Zero Origin Timestamp Bypass

2.2(8a)A

CSCvf35705

CVE-2017-9788

CVE-2017-9789

The vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs listed are applicable only when mod_http2 and mod_auth_digest modules are used in the Apache server. The Apache server used by Cisco UCS Manager does not use mod_http2 and mod_auth_digest modules. Hence, the vulnerabilities identified by both CVE IDs listed do not impact any Cisco UCS Manager release.

2.2(3l)A

CSCvb85544

CVE-2016-5195

The security vulnerability is addressed.

2.2(8c)A

CSCuz91263

CVE-2016-6402

The security vulnerability is addressed.

2.2(8a)A

CSCuz92668

CVE-2016-4957

CVE-2016-4953

CVE-2016-4954

CVE-2016-4955

CVE-2016-4956

The security vulnerabilities are addressed.

2.2(3e)A

CSCus69458

CVE-2015-0235

The heap-based buffer overflow vulnerability in the GNU C library is addressed.

2.2(3d)A

CSCur29264

CVE-2014-3566

The security vulnerability is addressed.

2.2(3b)A

CSCur01379

CVE-2014-7169

CVE-2014-6271

CVE-2014-6277

CVE-2014-7186

CVE-2014-7187

CVE-2014-6278

The security vulnerabilities are addressed.

2.2(6c)B

CSCuq77241

CVE-2015-4265

The security vulnerability is addressed.

2.2(7b)

CSCut46044

CVE-2015-0286

CVE-2015-0287

CVE-2015-0289

CVE-2015-0292

CVE-2015-0293

CVE-2015-0209

CVE-2015-0288

The security vulnerabilities are addressed.

2.2(7c)

CSCux95107

CVE-2015-7973

CVE-2015-7974

CVE-2015-7975

CVE-2015-7976

CVE-2015-7977

CVE-2015-7978

CVE-2015-7979

CVE-2015-8138

CVE-2015-8139

CVE-2015-8140

CVE-2015-8158

The security vulnerabilities are addressed.

Resolved Caveats

The resolved bugs for a release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains up-to-date information about bugs and vulnerabilities in this product and other Cisco hardware and software products.


Note

You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, you can register for an account.


For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQ.

Resolved Caveats in Release 2.2(8m)

The following caveats are resolved in Release 2.2(8m):

Defect ID

Description

First Bundle Affected

Resolved in Release

CSCvk71319

The VIM process core causes Fabric Interconnect reboot.

This issue has been resolved.

2.2(8l)A

3.2(3g)A

2.2(8m)A

3.2(3h)A

CSCvk63036

Unable to form a SAN port-channel between a Cisco UCS Fabric Interconnect pair and a Cisco Fibre Channel switch, where the Organizationally Unique ID (OUI) of the switch is one of the following:

  • 003a9c

  • 000831

  • d0a5a6

This issue has been resolved.

2.2(3k)A

3.2(3d)A

4.0(2a)A

2.2(8m)A

3.2(3i)A

4.0(2b)A

CSCvf03280

When Cisco Fabric Services (CFS) distribution is enabled on UCS 6200 Series Fabric Interconnects, the Fabric Interconnect may reload due to a CFS process crash.

This issue has been resolved.

2.2(8g)A

2.2(8m)A

CSCvg75477

After upgrading to Java 10, the Java GUI for Cisco UCS Manager could not be launched.

This issue has been resolved, and the Java GUI for Cisco UCS Manager can now be launched using Java 10.

Note 

To use Java 9 and later versions, end user licenses are required from Oracle.

2.2(8i)A

2.2(8m)A

Resolved Caveats in Release 2.2(8l)

The following caveats are resolved in Release 2.2(8l):

Defect ID

Description

First Bundle Affected

Resolved in Release

CSCvi98058

New OS installation in UEFI mode and BIOS version 2.2.6f.0 no longer fails.

3.1(3h)B

2.2(8l)B

3.1(3j)B

CSCvg64592

Rack servers integrated with 6200 Series FI have connectivity after reboot of the subordinate FI, if the VLAN range (expressed as a string of characters) applied on a port-profile exceeds 255 characters.

3.1(3c)A

2.2(8l)A

3.1(3j)A

3.2(3a)A

Resolved Caveats in Release 2.2(8j)

The following caveats are resolved in Release 2.2(8j)

Table 7. Resolved Caveats in Release 2.2(8j)

Defect ID

Description

First Bundle Affected

Resolved in Release

CSCvh22485

In a VMFEX setup with PVLAN host configurations on the Veths, after vMotion or VM migration, VMs were unable to receive broadcast or multicast packets, including ARP packets.

This issue has been resolved.

2.2(8g)A

2.2(8j)

Resolved Caveats in Release 2.2(8i)

The following caveats are resolved in Release 2.2(8i).

Table 8. Resolved Caveats in Release 2.2(8i)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCvg44307

Communication between two end hosts no longer fails within the same VLAN and fabric interconnect.

2.2(4b)A

2.2(8i)A

CSCux49157

UCS Manager now has a user configurable option to select the TLS version.

2.2(6d)A

2.2(8i)A

CSCuz98957

UCS Manager no longer incorrectly reports the amount of drive slots on B200-M2 blade servers.

2.2(7b)A

2.2(8i)A

CSCva31113

After a fabric interconnect reboot, the fabric interconnect may not fully boot and become network accessible. The Serial Console connection to the fabric interconnect may show a 'loader' prompt or show initial configuration prompts.

2.2(3d)A

2.2(8i)A

CSCvb00303

During a Server discovery, Rack servers no longer get stuck and may not discover due to a lost connection status from the B side while only A side is appearing. This may occur after upgrading to 2.2(8b) and performing an Erase Samdb operation and then enabling all required server ports to bring the server up.

2.2(8b)A

2.2(8i)A

CSCvc58789

A port no longer shows a disabled error after 10 consecutive DFE tuning failures.

2.2(8c)A

2.2(8i)A

CSCvc92275

A kernel panic no longer occurs on the fabric interconnect which could cause a reboot.

The following command:

show logging onboard stack-trace

Shows that the panic may occur in the process usd_mts_kthread. The call trace can be reviewed for a full match to this defect.

2.2(6e)A

2.2(8i)A

CSCvd02546

During a UCS Manager upgrade from 2.2(3l) to 3.1(2) only the secondary fabric interconnect may be upgraded.

2.2(1b)A

2.2(8i)A

CSCvd54116

Setting a custom cipher suite for UCS Manager HTTPS to remove the usage of TLS v1.0 and 1.1, no longer results in a "handshake failure" error message when attempting to open a Java login to UCS Manager or a KVM session to a blade server.

2.2(8c)A

2.2(8i)A

CSCve19522

UCS domains running version 3.1(3a) no longer moves to a state of lost visibility after a certificate is regenerated on UCS Central and is able to recover. In some cases, the UCS 3.1(3a) domain registration may also get stuck in a registering state.

2.2(8g)A

2.2(8i)A

CSCvg06830

After adding a secondary fabric interconnect to a standalone setup and converting it to clustered setup, the VLAN 1 may not be added to the uplink port-channel, and no longer causes the vEth on the B side to fail pinning and render the subordinate fabric interconnect unusable.

2.2(6c)A

2.2(8i)A

CSCvc88543

Cisco UCS Manager includes a version of the Apache HTTP Server software that no longer affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2016-0736

  • CVE-2016-2161

  • CVE-2016-5387

  • CVE-2016-8740

  • CVE-2016-8743

2.2(6c)A

2.2(8i)A

CSCuu83383

CSCvb48644

UCS Manager includes a version of OpenSSL that is no longer affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2015-4000

  • CVE-2015-1788

  • CVE-2015-1789

  • CVE-2015-1790

  • CVE-2015-1791

  • CVE-2015-1792

  • CVE-2014-8176

1.1(1j)A

2.2(8i)A

CSCux41398

UCS Manager includes a version of OpenSSL that is no longer affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2015-3193

  • CVE-2015-3194

  • CVE-2015-3195

  • CVE-2015-3196

  • CVE-2015-1794

2.2(3a)B

2.2(8i)B

CSCuz52483

UCS Manager includes a version of OpenSSL that is no longer affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2016-2108

  • CVE-2016-2107

  • CVE-2016-2105

  • CVE-2016-2106

  • CVE-2016-2109

  • CVE-2016-2176

2.2(8a)A

2.2(8i)A

CSCvb48577

UCS Manager includes a version of OpenSSL that is no longer affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2016-6304 CVE-2016-6305 CVE-2016-2183 CVE-2016-6303 CVE-2016-6302 CVE-2016-2182 CVE-2016-2180 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2181 CVE-2016-6306 CVE-2016-6307 CVE-2016-6308 CVE-2016-6309 CVE-2016-7052

And disclosed in https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl

2.2(8g)B

2.2(8i)B

CSCvc94686

UCS Manager includes a version of OpenSSL that is no longer affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2017-3731 - Truncated packet could crash via OOB read

This product is not affected by the following vulnerabilities:

  • CVE-2017-3730 - DHE parameters cause a client crash

  • CVE-2017-3732 - BN_mod_exp may produce incorrect results on x86_64

2.2(8g)A

2.2(8i)A

CSCvc96103

UCS Manager includes a version of OpenSSL that is no longer affected by the vulnerability identified by one or more of the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2017-3731

  • CVE-2017-3730

  • CVE-2017-3732

And disclosed in https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl

2.2(8g)A

2.2(8i)A

CSCvb61637

A vulnerability in the CLI of the Cisco Unified Computing System Manager could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation for the affected command. An authenticated local attacker could exploit this vulnerability by injecting crafted command arguments into a redirect of a vulnerable CLI command. An exploit could allow the attacker to execute arbitrary system commands with the privileges of the authenticated user. UCS Manager is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs: CVE-2017-6600

2.2(8g)A

2.2(8i)A

CSCvb86764

A vulnerability in the CLI of the Cisco UCS Manager could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user's privilege level outside of the user's path. UCS Manager is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs: CVE-2017-6601

2.2(8g)A

2.2(8i)A

CSCvb86775

A vulnerability in CLI of the Cisco Unified Computing System Manager could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to read or write arbitrary files at the user's privilege level outside the expected path and gain access to other devices. The vulnerability is identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE ID CVE-2017-6602

2.2(8g)A

2.2(8i)A

CSCvb86797

A vulnerability in the debug plugin functionality of the Cisco Unified Computing System Manager could allow an authenticated, local attacker to execute arbitrary commands. The vulnerability is due to inadequate integrity checks for the debug plugin. An attacker could exploit this vulnerability by crafting a debug plugin and load it using elevated privileges. An exploit could allow the attacker to run malicious code that would allow for the execution of arbitrary commands as root. The vulnerability is identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE ID CVE-2017-6598

2.2(8g)A

2.2(8i)A

CSCvb86816

A vulnerability in local-mgmt CLI of the Cisco Unified Computing System Manager could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation for the affected command. An authenticated local attacker could exploit this vulnerability by injecting crafted command arguments into a vulnerable CLI command. An exploit could allow the attacker to execute arbitrary system commands with the privileges of the authenticated user. The vulnerability is identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE ID CVE-2017-6597

2.2(8g)A

2.2(8i)A

CSCvc37931

Unvalidated redirects and forwards may be possible when UCS Manager accepts untrusted input that could cause it to redirect the request to a URL contained within untrusted input. By modifying untrusted URL input to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Unvalidated redirect and forward attacks can also be used to maliciously craft a URL that would pass the applications access control check and then forward the attacker to privileged functions that they would normally not be able to access. The vulnerability is identified by the following Common Vulnerability and Exposures (CVE) IDs: CVE ID CVE-2017-6604

2.2(8g)A

2.2(8i)A

Resolved Caveats in Release 2.2(8g)

The following caveats are resolved in Release 2.2(8g)

Table 9. Resolved Caveats in Release 2.2(8g)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCva14937

M4 blades installed with SD cards instead of a hard disk no longer halt at 'Local Drive' for automated deployments with the following boot policy:

Boot Policy

  • CD/DVD

  • Local Drive

  • Network Adapter (PXE)

2.2(3f)B

2.2(8g)B

CSCvb85331

The following fault no longer occurs after a UCS Manager software upgrade.

Code: F1781

Description: Management database version mismatch detected failover may not complete

Affected Object: sys/mgmt-entity-B

Name: Mgmt Entity Mgmt Db Version Mismatch

Cause: Replication Failure

Type: Management

2.2(8c)A

2.2(8g)A

CSCvc39322

For B260 M4 Blades, BIOS v3.1.2.2 no longer intermittently fails Windows HLK and HCK Trusted Platform Module (TPM) tests on Windows Server 2016 and Windows Server 2012 R2.

2.2(7b)B

2.2(8g)B

CSCvc10791

A DME process no longer crashes when the dynamic vNIC and static vNIC contain a different adminVcon property value.

2.2(3e)A

2.2(8g)A

CSCvc89242

The Fabric Interconnect no longer reboots due to a CDP process crash.

2.2(6e)A

2.2(8g)A

CSCvc46313

The remote operation of making the LUN online from UCS Central no longer fails with the error message:

Global Service profile [org-root/org-GKDC/org-<name>/ls-SP_3260_03] can not be modified from UCS domain. Please make the changes from UCS Central that you are registered with.

2.2(4b)A

2.2(8g)A

CSCvc60876

The 6248, 6296, and 6332 Series Fabric Interconnects no longer sends Smart Call Home messages in the wrong format.

2.2(8b)A

2.2(8g)A

CSCvc31867

When upgrading the SSD to firmware 32F3Q, the firmware is no longer truncated and written as 2F3Q, which may cause a second request for the reboot of the server.

2.2(8a)A

2.2(8g)A

CSCux96072

During heavy I/O traffic, the Cisco 12G Modular RAID controller no longer goes offline with the Storage Controller SLOT HBA inoperable error logged in CIMC event logs.

2.2(6e)C

2.2(8g)C

CSCvc48423

Downloading a bundle more than 1GB in size from a local desktop no longer fails.

2.1(1a)A

2.2(8g)A

Resolved Caveats in Release 2.2(8f)

The following caveats are resolved in Release 2.2 (8f)

Table 10. Resolved Caveats in Release 2.2(8f)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuy81688

From Cisco UCS Manager tech-support, running /var/sysmgr/sam_logs/httpd_cimc.log on the affected fabric interconnect no longer shows the exceeded max time without restart error.

From Cisco UCS Manager tech-support, running /ls_l.out on the affected fabric interconnect no longer shows the existence of a 'cimcrestart' file under /isan/apache/conf/. The modified date is now updated.

2.2(8a)A

2.2(8f)A

CSCuz53730

UCSM httpd process no longer experiences high memory usage or crash with a core file showing indications of memory allocation failure.

2.2(2c)A

2.2(8f)A

CSCva35757

Latency between the UCS Manager Client and fabric interconnect no longer causes the firmware page to load slowly.

2.2(7b)A

2.2(8f)A

CSCvb11667

Server with UEFI BIOS enabled, no longer fails to SAN boot from a target LUN with an ID other than 0 and using T10 DIF protection.

2.2(8d)B

2.2(8f)B

CSCvb16804

Booting from SAN to 4K UEFI target no longer fails.

2.2(8a)B

2.2(8f)B

CSCvb08928

A fabric interconnect no longer reboots on VLAN deletion due to a FWM hap reset.

2.2(5a)A

2.2(8f)A

CSCvb78971

When attempting the auto-install of UCS Manager, the fabric interconnect upgrade no longer fails when the /var/tmp usage exceeds 10%.

2.2(3k)A

2.2(8f)A

CSCvb82862

EUI-64 bit addresses are now valid for storage connection policies or SAN boot targets.

2.2(8d)A

2.2(8f)A

CSCvb95978

On C460 M4 servers, TPM version 1.2 no longer fails to initialize after installing ESXi OS, and enabling and activating TPM and TXT.

2.2(8d)B

2.2(8f)B

CSCvc17769

The fabric interconnect no longer crashes when the bound interface of a Veth is in the Not Initialized State during a VLAN configuration change.

2.2(7c)A

2.2(8f)A

Resolved Caveats in Release 2.2 (8d)

The following caveats are resolved in Release 2.2 (8d)

Table 11. Resolved Caveats in Release 2.2 (8d)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCvb05762

UCS Manager GUI and CLI no longer fail to respond when the Data Management Engine (DME) hangs with a WaitOnLimit log message.

2.2(7b)A

2.2(8d)A

Resolved Caveats in Release 2.2 (8d)T

The following caveats are resolved in Release 2.2 (8d)T

Table 12. Resolved Caveats in Release 2.2 (8d)T
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCva53726

UCS Manager no longer allows the downgrade of firmware for the following rack servers installed with v4 CPU models to a version less than the minimum required version of CIMC / BIOS firmware:

  • UCSC-C240-M4L

  • UCSC-C240-M4S

  • UCSC-C240-M4S

  • UCSC-C240-M4SX

  • UCSC-C220-M4L

  • UCSC-C220-M4S

  • UCSC-C240-M4SNEBS

After a downgrade, servers no longer fail the BIOS post.

2.2(7c)T

2.2(8d)T

Resolved Caveats in Release 2.2 (8c)

The following caveats are resolved in Release 2.2 (8c)

Table 13. Resolved Caveats in Release 2.2 (8c)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuu29425

In RHEL 7.0 and 7.1 the ENIC driver now properly handles packets received on the native VLAN.

2.2(4b)B

2.2(8c)B

CSCuw50361

While collecting IOM tech-support by using the show platform software satctrl global output from the IOM, the HIF/NIF interfaces of an IOM no longer flap due to SDP heartbeat timeout.

2.2(4b)A

2.2(8c)A

CSCux11611

Seagate hard drives left spinning idle without an operating system installed or setup with the JBOD configuration without read or write activity are no longer prone to failure. Impacted hard drives are listed here:

  • UCS-HD4T7KS3-E

  • UCSC-C3X60-HD4TB (4TB)

  • UCS-HDD3TI2F214 (3TB)

  • UCS-HDD2TI2F213 (2TB)

  • UCS-HDD1TI2F212 (1TB)

  • UCS-HD6T7KL4K

  • UCSC-C3X60-HD6TB

  • UCSC-C3X60-6TBRR

2.2(7c)B

2.2(8c)B

CSCuy79306

When Cisco UCS C-Series servers with VIC 1225 or VIC 1227 are directly connected to Cisco Nexus 9000 switches, after making a large change on a switch, ports no longer flap or show as down on the switch but up on the server.

2.2(3f)B

2.2(8c)B

CSCuz41121

When booting to RHEL or running system stress tests, Cisco UCS B420 M4 servers with certain Intel ® E5 v3 CPUs no longer report QPI Correctable System Event Logs with the following error message:

Link Layer CRC successful reset with no degradation

2.2(8a)B

2.2(8c)B

CSCuz91263

A vulnerability in the command-line interface (CLI) of the Cisco UCS Manager and UCS 6200 Series Fabric Interconnects is resolved.

2.2(1a)A

2.2(8c)A

CSCuz96855

UCS M71KR cards no longer crashes with the error “E4194871”.

2.2(6e)B

2.2(8c)B

CSCva27558

In scenarios such as traffic loops in external networks, a series of MAC add or delete operations no longer causes the MAC address to display in the software table, and nor in the hardware table for all the ASICs.

2.2(5c)A

2.2(8c)A

CSCva34343

UCS Manager no longer reports false alerts due to P0V75_STBY sensor in Cisco B200 and M4 Blade Servers.

2.2(6e)B

2.2(8c)B

CSCva38476

An infrastructure software upgrade to UCS Manager 2.2(7b) or higher no longer fails when both fabric interconnects are incompatible or when one of the fabric interconnects is unresponsive.

2.2(7b)A

2.2(8c)A

CSCva71801

UCS Manager no longer fails to synchronize with IPv6 NTP server.

2.2(8a)A

2.2(8c)A

CSCva96740

Changes in adapter policy from UCS Manager now triggers a server redeploy.

2.2(8b)A

2.2(8c)A

CSCvb35827

Upgrade failure no longer occurs when a Cisco UCS system is configured with more than 128 LDAP groups and upgrade is performed either from Cisco UCS Manager Release 2.2.8 to Cisco UCS Manager Release 3.1(2b) or from Cisco UCS Manager Release 3.1(2b) to a later release.

2.2(8a)A

2.2(8c)A

Resolved Caveats in Release 2.2 (8b)

The following caveats are resolved in Release 2.2 (8b)

Table 14. Resolved Caveats in Release 2.2 (8b)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuu40978

The syslog is now truncated after it reaches the configured maximum size. It no longer fills up the Fabric Interconnect file system.

2.2(3d)A

2.2(8b)A

CSCuz54661

Cisco B200 M3 Server no longer fails to post if NUMA is disabled.

2.2(6g)B

2.2(8b)B

CSCuz86450

The server no longer reboots because the system does not accept user input on the order property of adaptorHostIf.

1.4(1j)A

2.2(8b)A

CSCva08256

Cisco CIMC and BIOS no longer get stuck updating or activating with the host firmware pack when the new host firmware pack has the same name and version as the system being updated.

2.2(7b)A

2.2(8b)A

CSCva34426

Cisco UCS 3X60 Server no longer fails to boot from LSI RAID controller managed disk slots 1 or 2, when the disks are in JBOD mode.

2.2(7c)A

2.2(8b)A

CSCva36835

A board controller update now ensures proper functionality of the LSI controller during a warm reboot or reset signal when using the Cisco B460 M4 or B260 M4 blade servers.

2.2(8a)B

2.2(8b)B

CSCva54957

A reboot is no longer triggered without a “user -ack” when modifying a service profile that requires a reboot while shallow association is failing.

2.1(3a)A

2.2(8b)A

CSCva67159

Cisco UCS Manager httpd no longer fails to start when the default keyring was deleted.

2.2(8a)A

2.2(8b)A

CSCva72096

Cisco UCS servers running Intel E5 Xeon v4 CPUs no longer crash with a signature pointing to internal parity errors, page fault, general detect, or undefined opcode exceptions.

2.2(4b)B

2.2(8b)B

CSCva87230

A temporary loss in server connectivity no longer occurs when performing a Cisco UCS Manager upgrade to release 2.2(8a) from a build that does not contain the fix for CSCuq57142.

2.2(8a)A

2.2(8b)A

Resolved Caveats in Release 2.2 (8a)

The following caveats are resolved in Release 2.2 (8a)

Table 15. Resolved Caveats in Release 2.2 (8a)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuv13019

When the desired power state of a service profile was set to Power ON, and Cisco UCS Manager triggered shallow discovery for the blade server, server shutdown from the OS was powered ON by Cisco UCS Manager. This issue is now resolved.

2.1(1f)B

2.2(8a)B

CSCuv31912

UCS Manager iptables are no longer duplicating rules in the FORWARD table.

2.2(3d)A

2.2(8a)A

CSCuw16950

FSM failures no longer trigger the addition of duplicate entries in IP tables.

2.2(3b)A

2.2(8a)A

CSCux59912

A Cisco UCS system with servers connected to a Cisco Nexus 2232 FEX no longer experiences bladeAG cores.

2.2(5c)C

2.2(8a)C

CSCux63909

FC abort is no longer observed while running uplink port flap test on uplink Ethernet port-channel from an FI to a Cisco Nexus 7000 switch.

2.0(2m)B

2.2(8a)B

CSCuy98678

Cisco UCS 6296 fabric interconnect no longer crashes unexpectedly with kernel panic, and impact any devices connected the fabric interconnect.

2.2(6c)A

2.2(8a)A

CSCuz92668

Vulnerabilities affecting various versions of NTPd are now resolved.

2.2(1a)A

2.2(8a)A

CSCva04106

Removing a SAN port channel member no longer causes SAN ports to go down.

2.2(3d)A

2.2(8a)A

Resolved Caveats in Release 2.2 (7e)

The following caveats are resolved in Release 2.2 (7e)

Table 16. Resolved Caveats in Release 2.2 (7e)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCva72096

Cisco UCS servers running Intel E5 Xeon v4 CPUs no longer crash with a signature pointing to internal parity errors, page fault, general detect, or undefined opcode exceptions.

2.2(4b)B

2.2(7e)B

Resolved Caveats in Release 2.2(7d)

The following caveats are resolved in Release 2.2(7d)

Table 17. Resolved Caveats in Release 2.2(7d)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuz69100

Disk Firmware update no longer fails for local disks on a C240 rack server that has an UCSC-SAS12GHBA storage controller.

2.2(7b)A

2.2(7d)A

CSCuz86450

The server no longer reboots because the system does not accept user input on the order property of adaptorHostIf.

1.4(1j)A

2.2(7d)A

CSCuz65286

Cisco UCS Manager firmware upgrade failed with the following message UCSM upgrade validation failed when the default value for IO throttle count in the FC adapter policy had a value of 16. This issue is resolved. The default IO throttle count is now set to 256.

2.2(3a)A

2.2(7d)A

CSCuv45574

After downgrading the controller firmware on C220/C240 M3 systems with LSI 9271-8i controller, the GUID of virtual disks no longer change and the virtual machines running on the ESXi OS no longer become inaccessible.

2.2(6f)A

2.2(7d)A

CSCux53224

A fatal error may be observed when creating or removing virtual drives with RAID 5 and RAID 6 controller combinations. This issue is now resolved.

2.2(7c)C

2.2(7d)C

CSCva01733

PXE in Legacy Boot mode no longer hangs with excessive unicast or multicast high background traffic with a packet size larger than MTU directed to the client server. This was seen with ESXi Autodeploy on a specific setup which likely had unusually high multicast traffic directed at the client server. This traffic was not from the PXE server for file transfer, but from some other source.

2.2(6e)B

2.2(7d)B

CSCva29365

Enabling stateless offloads for NVGRE in the following 3rd generation Cisco VIC adapters' configuration with UCSM/CIMC no longer leads to inaccessible vNIC interfaces in the host OS:

  • UCSC-C3260-SIOC

  • UCSB-VIC-M83-8P

  • UCSB-MLOM-40G-02

  • UCSB-MLOM-40G-03

  • UCSC-PCIE-C40Q-03

  • UCSC-MLOM-C40Q-03

2.2(7b)B

2.2(7d)B

CSCuu40291

When debug logging is enabled, Cisco UCS Manager tech-support showed that syslogd_debug files were present, but the show debug logfile syslogd_debugs CLI command failed with the following error:

Logfile(syslogd_debugs) does not exist

This issue is now resolved.

2.2(3a)A

2.2(7d)A

CSCuu40978

The Fabric Interconnect file system previously generated too many syslog messages and prevented further logging. This issue is now resolved.

2.2(3d)A

2.2(7d)A

CSCuz20650

When syslog messages are generated continuously, the syslog suspend timer does not recover. Thus, no events are sent to the remote syslog server. This issue is now resolved.

2.2(3a)A

2.2(7d)A

Resolved Caveats in Release 2.2 (7c)

The following caveats are resolved in Release 2.2 (7c)

Table 18. Resolved Caveats in Release 2.2 (7c)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCul97240

When a UCS rack server is present in a UCS setup, DHCP renewal now triggers Information level syslog messages to be sent to the syslog server configured on Cisco UCS Manager.

2.2(1a)A

2.2(7c)A

CSCuq57142

In a port channel universe, the following no longer happen:

  • A port channel ID may sometimes not be released after use. This could eventually lead to the universe of port channel IDs being empty, and no port channel IDs being available for use.

  • After an upgrade, power loss, FI reboot or failover, the empty port channel universe is incorrectly interpreted as a new installation, and repopulated. This leads to duplicate port channel ID allocation when a server is attached to the FI, or when a server is re-acknowledged.

2.2(3a)A

2.2(7c)A

CSCuq74472

Unnecessary thermal events on IOM stating “Thermal sensor reading not available” are no longer seen.

2.1(3c)B

2.2(7c)B

CSCux58865

DIMM temperature readings are no longer missed when CPUs are in a low power (or “sleep”) mode.

2.1(3d)B

2.2(7c)B

CSCuy01645

DIMM temperature readings are no longer not available when more than 16 degrees Centigrade different than the previous reading.

2.2(5b)B

2.2(7c)B

CSCux63909

FC abort is no longer observed while running an uplink port flap test on an uplink Ethernet port-channel from an FI to a Cisco Nexus 7000 switch.

2.0(2m)B

2.2(7c)B

CSCuy34161

Any DIMM that is functioning correctly is no longer disabled after the reboot of the UCS B250 M2 blade server.

2.0(5c)B

2.2(7c)B

CSCuy62783

In a UCS setup with a VIC13xx adapter on blade servers or rack-mount servers, the server or VIC adapter no longer becomes unresponsive after running IO across network file systems.

2.2(3a)B

2.2(7c)B

CSCuy64856

The Cisco UCS fabric interconnects (FI) are no longer rebooted with the reboot reason FWM hap reset.

2.1(3h)A

2.2(7c)A

CSCuy93451

VLANs are now deleted from the vNICs if they are deleted from the updating vNIC template.

2.2(7b)A

2.2(7c)A

CSCuz69373

CATERR faults due to cpu lockup in VIC 1340 no longer occur.

2.2(7b)B

2.2(7c)B

Resolved Caveats in Release 2.2 (7b)

The following caveats are resolved in Release 2.2 (7b)

Table 19. Resolved Caveats in Release 2.2 (7b)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuz74973

When you use a B200 M4 server with a UCSB-MRAID12G SAS RAID controller and a CPLD firmware version earlier than version 05D, the B200 M4 server no longer powers off unexpectedly.

2.2(3b)B

2.2(7b)B

CSCun07367

Under normal state of operation, the statsAG process used to crash and restart on the Fabric Interconnect. This was also observed in the Cisco UCS Mini firmware.

This issue has been resolved.

2.1(3a)A

2.2(7b)A

3.1(1e)A

3.1(2b)A

CSCud75506

The UUID display on ESXi 5.1 is now consistent with the UUID display on UCSM when upgrading ESXi to version 5.1 on UCS B200 M3, B22 M3 and B420 M3 blade servers.

2.0(2r)B

2.2(7b)B

CSCuv43349

During server discovery, Cisco UCS Blade server association or disassociation, the following failures are no longer reported:

  • Waiting for BIOS Post Completion

  • Unable to get SCSI Device Information from the system

2.2(6e)B

2.2(7b)B

CSCuw36128

The buffer overflow condition that caused the statsAG mts queue to leak is now fixed.

2.2(1d)A

2.2(7b)A

CSCuw46478

The Local disk Locator LED remains OFF, although enabled in Cisco UCS Manager.

2.2(6j)B

2.2(7b)B

CSCuw55142

Cisco UCS B420M4 server with the UCSB-MRAID12G-HE no longer reports the following critical fault:

Controller 1 on server is inoperable. Reason: Device non-responsive

2.2(6c)B

2.2(6f)B, 2.2(7b)B

CSCux05389

After upgrading to release 2.2(7b) and rebooting the subordinate fabric interconnect, occasional VSAN misconfiguration will no longer occur.

2.2(3f)A

2.2(7b)A

CSCux07578

Cisco UCS Blade servers B400 M1 or B400 M2 running on Liberator firmware version 4.10 with SATA drives, no longer experience data consistency failures.

2.2(6f)B

2.2(7b)A

CSCux21413

When you remove and reinsert a drive in the same slot, the Locator Storage Locator LED no longer remains on all the time.

2.2(6j)B

2.2(7b)A

CSCux66675

After rebooting a Cisco UCS 6296UP FI, all physical interfaces will no longer connect incorrectly with the Cisco UCS C460 M4 servers.

2.2(6c)A

2.2(7b)A

CSCux85580

Fabric Interconnect cores will no longer be seen on IGMP.

2.2(3b)A

2.2(7b)A

CSCux65310

During blade discovery or CIMC controller reset, a chassis thermal critical fault can be generated due to the time it takes for reconnecting from the IOM to the CIMC.

However, after several minutes this fault clears on its own.

3.1(1e)B

2.2(7b)B

CSCut46044

Cisco Unified Computing Server Management Software (UCSM) includes a version of OpenSSL that is affected by the vulnerability identified by the Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2015-0286

  • CVE-2015-0287

  • CVE-2015-0289

  • CVE-2015-0292

  • CVE-2015-0293

  • CVE-2015-0209

  • CVE-2015-0288

This issue is now fixed.

2.2(3a)A

2.2(7b)A

CSCuw19082

During Cisco UCS Manager initial setup, while configuring the fabric interconnect, setup will assume the GUI configuration method if a DHCP lease is obtained for the mgmt interface. In addition, an url will be provided for the setup of the fabric interconnect.

2.2(6c)A

2.2(7b)A

Resolved Caveats in Release 2.2 (6j)

The following caveats are resolved in Release 2.2 (6j)

Table 20. Resolved Caveats in Release 2.2 (6j)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCux63909

FC abort is no longer observed while running an uplink port flap test on an uplink Ethernet port-channel from an FI to a Cisco Nexus 7000 switch.

2.0(2m)B

2.2(6j)B

CSCva01733

PXE in Legacy Boot mode no longer hangs with excessive unicast or multicast high background traffic with a packet size larger than MTU directed to the client server. This was seen with ESXi Autodeploy on a specific setup which likely had unusually high multicast traffic directed at the client server. This traffic was not from the PXE server for file transfer, but from some other source.

2.2(6e)B

2.2(6j)B

Resolved Caveats in Release 2.2 (6i)

The following caveats are resolved in Release 2.2 (6i)

Table 21. Resolved Caveats in Release 2.2 (6i)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuw36128

The buffer overflow condition that caused the statsAG mts queue to leak is now fixed.

2.2(1d)A

2.2(6i)A

CSCuw44595

DIMMs with correctable ECC errors are marked Inoperable or Degraded even though correctable errors do not affect normal system operation. This issue is now resolved.

2.2(3a)A

2.2(6i)A

CSCuy01645

DIMM temperature readings are no longer missed when the temperature is 16 degrees Centigrade more than the previous reading.

2.2(5b)B

2.2(6i)B

CSCuj71400

Cisco UCS Manager no longer displays the “FCoE or FC uplink is down on VSAN X” fault when the member ports for the VSAN are up.

2.2(1a)A

2.2(6i)A

CSCuy62783

In a UCS setup with a VIC13xx adapter on blade servers or rack-mount servers, the server or VIC adapter no longer becomes unresponsive after running IO across network file systems.

2.2(3a)B

2.2(6i)B

CSCuy34161

Any DIMM that is functioning correctly is no longer disabled after the reboot of the UCS B250 M2 blade server.

2.0(5c)B

2.2(6i)B

CSCux58865

DIMM temperature readings are no longer missed when the temperature is 10 degrees Centigrade more than the previous reading.

2.1(3d)B

2.2(6i)B

CSCuu40978

The syslog is now truncated after it reaches the configured maximum size. It no longer fills up the Fabric Interconnect file system.

2.2(3d)A

2.2(6i)A

CSCux45723

UCS SNMP memory leaks no longer occur when polling FC interfaces and SNMP processes (Walk/Get/Get Bulk) that parse any of the following SNMP MIBs:

  • fcIfNonLipF8Out

  • fcIfTimeOutDiscards

  • fcIfOutDiscards

  • fcIfCreditLoss

  • fcIfTxWtAvgBBCreditTransitionToZero

2.2(3a)A

2.2(6i)A

CSCuq57142

In a port channel universe, the following no longer happen:

  • A port channel ID may sometimes not be released after use. This could eventually lead to the universe of port channel IDs being empty, and no port channel IDs being available for use.

  • After an upgrade, power loss, FI reboot or failover, the empty port channel universe is incorrectly interpreted as a new installation, and repopulated. This leads to duplicate port channel ID allocation when a server is attached to the FI, or when a server is re-acknowledged.

2.2(3a)A

2.2(6i)A

CSCuw02439

When using Cisco UCS M81KR VIC adapters on a system running Cisco UCS Manager Release 2.2(2c), the adapters no longer crash and generate core files.

2.2(2c)B

2.2(6i)B

CSCux59298

When using UCS B200 M3 servers with VIC 1240 on a system running Cisco UCSM Release 2.2(2c), network and SAN no longer lose connectivity.

2.2(2c)B

2.2(6i)B

CSCuy64856

The Cisco UCS fabric interconnects (FI) are no longer rebooted with the reboot reason FWM hap reset.

2.1(3h)A

2.2(6i)A

CSCuz20650

When syslog messages are generated continuously, the syslog suspend timer does not recover. Thus, no events are sent to the remote syslog server. This issue is now resolved.

2.2(3a)A

2.2(6i)A

CSCuu40291

When debug logging is enabled, Cisco UCS Manager tech-support showed that syslogd_debug files were present, but the show debug logfile syslogd_debugs CLI command failed with the following error:

Logfile(syslogd_debugs) does not exist

This issue is now resolved.

2.2(3a)A

2.2(6i)A

Resolved Caveats in Release 2.2 (6g)

The following caveats are resolved in Release 2.2 (6g)

Table 22. Resolved Caveats in Release 2.2 (6g)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCux98751

Anytime a new blade is inserted into the chassis, or a blade CIMC controller reboots, a chassis thermal fault is no longer generated because of the time taken to reconnect from the IOM to the CIMC.

2.2(6c)B

2.2(6g)B

CSCuv20324

The FCoE storage no longer becomes unavailable or performs very poorly after a reset of either host-attached switch in the case of standalone systems, or after the reset of an IOM or FI in UCS-managed systems when the IOM or FI sends configuration information to the adapter later than 5 seconds after link-up.

2.2(1b)B

2.2(6g)B

CSCuv89839

When the fabric interconnect is in switch mode with direct attached storage, and its FC uplinks to the direct attached storage are up, these FC uplinks now allow traffic to pass.

2.2(3f)A

2.2(6g)A

CSCuv97713

After upgrading Cisco UCS Manager, in rare cases, the IOM may core in the sysmgr process leading to IOM reboot. This is now resolved.

2.2(3j)A

2.2(6g)A

CSCux68679

When a UCS B460 M4 server is configured with Fusion IO cards installed in same mezzanine slot of the master and slave blades, actions such as Cisco UCS Manager upgrade, cluster failover, fabric interconnect reboot no longer trigger server reboot.

2.2(3a)A

2.2(6g)A

CSCux96432

Discovery no longer fails on UCS B420 M4 servers with a 2-CPU configuration and a Fusion IO card in adapter slot 3.

2.2(5b)B

2.2(6g)B

CSCux76128

Firmware Auto Install upgrade validation fails as expected when upgrading to Cisco UCS Manager Release 2.2(6g) with deprecated hardware. Auto Install can now be initiated by using the force option either through the GUI or the CLI.

2.1(3j)A

2.2(6g)A

Resolved Caveats in Release 2.2 (6f)

The following caveats are resolved in Release 2.2 (6f)

Table 23. Resolved Caveats in Release 2.2 (6f)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuv46749

When using Cisco B200 M4 blade servers with the UCSB-MRAID12G storage controller, the following random, incorrect transient alerts or faults are no longer reported:

  • Critical Fault [F1004] Controller Inoperable, Reason: Device reported corrupt data

  • Critical Fault [F1004] Controller Inoperable, Reason: Device non-responsive

2.2(3g)B

2.2(6f)B

CSCux40478

When installing a Cisco B200 M3 blade server with a UCSB-MLOM-40G-01 40G VIC and either a UCSB-F-FIO-1300MP or a UCSB-F-1600MS ioMemory PCIe flash Mezzanine card, in a chassis with an N20-I6584 IOM, blade discovery no longer fails because of an “Invalid adapter-iocard combination” error.

2.2(5b)B

2.2(6f)B

CSCux47667

Service profile association no longer fails if the service profile was previously associated to a different server with LUN deployed.

2.2(6e)A

2.2(6f)A

CSCuw44524

The server reboot issues related to clear CMOS BIOS operation in Cisco UCS Manager Release 2.2(5a), 2.2(5b), 2.2(5c) or 2.2(6c) for E7 v2 processors on the C460 M4, B260 M4, and B460 M4 servers are resolved.

2.2(5a)B

2.2(6e)B

CSCuw23829

When inserting a HDD into the final disk slot of a C240 M4 server with 8 supported slots for disks, Cisco UCS Manager no longer displays a disk in the 9th slot.

2.2(4b)A

2.2(6e)A

CSCux10203

When you decommission a C-Series server after it was discovered in direct attached configuration, and the direct attached switch port was changed from Ethernet to FC mode, the following error message no longer appears:

2.2(3h)A

2.2(3j)A, 2.2(6e)A

Warning : if_index 0x1a01a000[Ethx/x] does not exists in VLAN database#ERROR

CSCuw84010

Integrated C-Series rack servers with Seagate drives no longer fail association when using the host firmware policy in a service profile.

2.2(3h)A

2.2(3j)A, 2.2(6e)A

CSCuw59409

The DME crash issue that you may experience when you upgrade a directly connected C-Series rack server without decommissioning to 2.2(5c), and connect the server to FI port, is resolved.

2.2(3h)A

2.2(3j)A, 2.2(6e)A

CSCuv55823

Faults no longer occur when incompatible combinations of CIMC firmware and UCS Manager firmware are installed at the same time.

2.2(1a)A

2.2(6e)A

CSCuv32417

Cisco B200 M4 and B420 M4 blade servers that run on UEFI OS will not reboot unexpectedly.

Note 
BIOS POST not being set as complete, which causes the next shallow discovery to reboot the server, has been resolved. Shallow discovery can occur because of different events including Cisco UCS Manager cluster failover, CIMC reset, or chassis reacknowledgment.

2.2(4b)B

2.2(6e)B

Resolved Caveats in Release 2.2 (6e)

The following caveats are resolved in Release 2.2 (6e)

Table 24. Resolved Caveats in Release 2.2 (6e)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuw44524

The server reboot issues related to clear CMOS BIOS operation in Cisco UCS Manager Release 2.2(5a), 2.2(5b), 2.2(5c) or 2.2(6c) for E7 v2 processors on the C460 M4, B260 M4, and B460 M4 servers are resolved.

2.2(5a)B

2.2(6e)B

CSCuw23829

When inserting a HDD into the final disk slot of a C240 M4 server with 8 supported slots for disks, Cisco UCS Manager no longer displays a disk in the 9th slot.

2.2(4b)A

2.2(6e)A

CSCux10203

When you decommission a C-Series server after it was discovered in direct attached configuration, and the direct attached switch port was changed from Ethernet to FC mode, the following error message no longer appears:

Warning : if_index 0x1a01a000[Ethx/x] does not exists in VLAN database#ERROR

2.2(3h)A

2.2(3j)A, 2.2(6e)A

CSCuw84010

Integrated C-Series rack servers with Seagate drives no longer fail association when using the host firmware policy in a service profile.

2.2(3h)A

2.2(3j)A, 2.2(6e)A

CSCuw59409

The DME crash issue that you may experience when you upgrade a directly connected C-Series rack server without decommissioning to 2.2(5c), and connect the server to FI port, is resolved.

2.2(3h)A

2.2(3j)A, 2.2(6e)A

CSCuv55823

Faults no longer occur when incompatible combinations of CIMC firmware and UCS Manager firmware are installed at the same time.

2.2(1a)A

2.2(6e)A

CSCuv32417

Cisco B200 M4 and B420 M4 blade servers that run on UEFI OS will not reboot unexpectedly.

Note 

BIOS POST not being set as complete, which causes the next shallow discovery to reboot the server, has been resolved. Shallow discovery can occur because of different events including Cisco UCS Manager cluster failover, CIMC reset, or chassis reacknowledgment.

2.2(4b)B

2.2(6e)B

Resolved Caveats in Release 2.2 (6d)

The following caveats are resolved in Release 2.2 (6d)

Table 25. Resolved Caveats in Release 2.2 (6d)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuv45173

When you upgrade C-series server firmware for C220-M4, C240-M4 to Cisco UCS Manager 2.2(6d), you will no longer see the following critical alarm:

Board controller upgraded, manual a/c power cycle required on server x.

2.2(6d)

2.2(6d)C

Resolved Caveats in Release 2.2 (6c)

The following caveats are resolved in Release 2.2 (6c)

Table 26. Resolved Caveats in Release 2.2 (6c)
Defect ID

Description

First Bundle Affected

Resolved in Release

CSCuq77241

Inventory scanning software such as Snow Inventory on Windows OS, CIMC, host OS or a remote KVM session no longer goes into an unresponsive state.

2.2(2c)B

2.2(6c)B

CSCuw03000

PXE boot fails with BSOD when RoCE is enabled.

2.2(5a)B

2.2(6c)B

CSCut78943

When making changes to vNICs or vHBAs that will be provisioned on Cisco Virtual Interface Cards (VICs) 1340 and 1380 adapters, a warning on the placement order impact appears.

2.2(3c)A

2.2(6c)A

CSCuu33864

When upgrading to UCS Manager 2.2(6c) or later, the FI boots successfully without the possibility of causing a file system corruption on the SSD if the FI is equipped with a Unigen SSD.

2.2(3b)A

2.2(6c)A, 3.1(1e), 3.1(2b)

CSCum50468

After upgrading the UCS Manager to version 2.2(6c) or higher, false faults for Fabric VSAN Membership Down are cleared.

2.2(1b)A

2.2(6c)A

CSCut37134

A Cisco UCS B200 M4 server running ESXi 5.5 no longer crashes when you boot locally.

2.2(3a)A

2.2(6c)A

CSCur79257

During an FI bootup, the RACE condition no longer causes UCS Manager configure interface vethernet 0” to switch.

2.2(3a)A

2.2(6c)A

CSCup95855

FSM tasks are no longer stuck in the throttled state in Cisco UCS Manager during Cisco UCS C240 M3 server upgrade.

2.2(1d)A

2.2(3j)A, 2.2(6c)A

CSCuv51214

Messages log are no longer overfilled with BMC is suspecting that palo is in the boot block. Leaving I2C bus alone messages.

2.2(3g)B

2.2(6c)B

CSCuo93591

For a fabric interconnect in end-host mode, the MAC address table aging time no longer gets stuck at 300 regardless of the configuration. The value got stuck at 300 regardless of the configuration. This was the issue which was resolved. This value can be changed through UCSM GUI or CLI.

2.2(1c)A

2.2(6c)A

CSCuu68351

The updated BIOS in UCS M3 B-Series Servers is compatible when running the Snow Inventory client on Windows OS, and does not hang.

2.0(1m)B

2.2(6c)B

CSCut88909

The KVM option, Virtual Media > Activate Virtual Devices is now available.

2.2(3b)A

2.2(6c)A

CSCuu55899

When the VLAN port-count optimization is enabled, and an uplink Ethernet is in a port channel, traffic is now able to flow to the available members in the port channel when there is a link flap on one of its members.

2.2(3b)A

2.2(6c)A

CSCuq63868

When creating a vNIC in a LAN connectivity policy, the show configuration command no longer generates a software error.

2.2(2a)A

2.2(6c)A

CSCut35123

After high-availability failover, chassis-seeprom local IO failures are no longer triggered.

2.2(4b)A

2.2(6c)A