Cisco UCS Manager

Cisco UCS™ Manager, Release 4.0 provides unified, embedded management of all software and hardware components of the Cisco Unified Computing System™ (Cisco UCS) across multiple chassis, Cisco UCS servers, and thousands of virtual machines. Cisco UCS Manager manages Cisco UCS as a single entity through an intuitive GUI, a command-line interface (CLI), or an XML API for comprehensive access to all Cisco UCS Manager functions. For more information on Cisco UCS Manager, see Cisco UCS Manager on Cisco.com.

This document contains information on new features, resolved caveats, open caveats, and workarounds for Cisco UCS Manager, Release 4.0. This document also includes the following:

  • Current information that became available after the technical documentation was published

  • Related firmware and BIOSes on blade and rack servers and other Cisco Unified Computing System (UCS) components associated with the release

Upgrading directly to Cisco UCS Manager 4.0(x) is supported from Release 2.2(8), and 3.1(3) and later releases. For UCS Mini, upgrading directly to Cisco UCS Manager Release 4.0(x) is supported from Release 3.1(3) and later releases. See Cisco UCS Manager Firmware Management Guide, Release 4.0 for details.

Revision History

Release

Date

Description

4.0(4i)

July 6, 2020

Created release notes for Cisco UCS Manager Release 4.0(4i).

July 23, 2020

Added CSCvt64871 and CSCvu11155 to the list of Resolved Caveats for Release 4.0(4i).

July 24, 2020

Moved CSCvq53066 from Open Caveats to Resolved Caveats.

4.0(4h)

March 23, 2020

Created release notes for Cisco UCS Manager Release 4.0(4h).

April 03, 2020

Updated the description for CSCvr79388 in the Resolved Caveats for Release 4.0(4h).

Added CSCvt64871 to the list of Open Caveats for Release 4.0(4h).

April 8, 2020

Added behavior change - Fibre Channel Ports Experiencing txmit Credit Loss Are Now Disabled

June 12, 2020

Added CSCvu11155 to the list of Open Caveats for Release 4.0(4h).

4.0(4g)

December 9, 2019

Created release notes for Cisco UCS Manager Release 4.0(4g).

January 16, 2020

Updated the Internal Dependencies table to clarify support for M3 blade servers.

February 27, 2020

Corrected cable SFP-H25G-CU3M to SFP-H25G-CU5M in CSCvr76930 in Open Caveats

4.0(4f)

November 5, 2019

Created release notes for Cisco UCS Manager Release 4.0(4f).

December 02, 2019

Updated the description for CSCvr40744 in the Resolved Caveats for Release 4.0(4f).

4.0(4e)

September 27, 2019

Created release notes for Cisco UCS Manager Release 4.0(4e).

4.0(4d)

August 19, 2019

Created release notes for Cisco UCS Manager Release 4.0(4d).

4.0(4c)

August 01, 2019

Created release notes for Cisco UCS Manager Release 4.0(4c).

October 01, 2019

Removed CSCvn49417 from the list of Resolved Caveats.

4.0(4b)

May 17, 2019

Created release notes for Cisco UCS Manager Release 4.0(4b).

May 20, 2019

Updated Catalog File Name for 4.0(4b).

June 3, 2019

Added a known limitation - UCS 6300 Series Fabric Interconnect ASIC Limitation with Passive Cables.

4.0(4a)

April 26, 2019

Created release notes for Cisco UCS Manager Release 4.0(4a).

May 15, 2019

Added CSCvp68182 to the list of Open Caveats.

Added the Software Deferral Notice for CSCvp68182.

November 14, 2019

Added behavior change - Cannot Create Virtual Drives with Cached IO Policy Enabled

4.0(2e)

May 15, 2019

Created release notes for Cisco UCS Manager Release 4.0(2e).

4.0(2d)

March 13, 2019

Created release notes for Cisco UCS Manager Release 4.0(2d).

4.0(2b)

January 19, 2019

Created release notes for Cisco UCS Manager Release 4.0(2b).

January 22, 2019

Corrected the UCS Mini model number in the New Hardware in Release 4.0(2b) section.

4.0(2a)

January 02, 2019

Created release notes for Cisco UCS Manager Release 4.0(2a).

January 08, 2019

Updated the Open Caveats for Release 4.0(2a) to include CSCvk63036.

March 03, 2019

Added UCSC-GPU-V100-32 to the list of new hardware.

4.0(1d)

December 20, 2018

Created release notes for Cisco UCS Manager Release 4.0(1d).

September 04, 2019

Updated the description for CSCvq28261.

Added CSCvr08327 to the list of Open Caveats.

4.0(1c)

October 11, 2018

Created release notes for Cisco UCS Manager Release 4.0(1c).

4.0(1b)

September 13, 2018

Created release notes for Cisco UCS Manager Release 4.0(1b).

4.0(1a)

August 14, 2018

Created release notes for Cisco UCS Manager Release 4.0(1a).

August 27, 2018

Added the L1 Terminal Fault caveats — CSCvm03356, CSCvm03351, and CSCvm03339 — to the list of Security Fixes.

June 7, 2019

Added behavior change - Allowed WWPN and WWNN Ranges for a WWN Pool

February 04, 2020

Added CSCvr98210 to the list of Open Caveats.

Top Reasons to Move to Cisco UCS Manager Release 4.0

Here are the top reasons to move to Cisco UCS Manager Release 4.0:

  • Support for UCS 6454 Fabric Interconnects

  • Support for C4200 chassis and Cisco UCS C125 M5 Servers

  • Support for VIC 1400 series adapter cards on UCS M5 servers

  • Support for Cisco UCS C480 M5 ML Servers

  • Support for the Second Generation Intel® Xeon® Scalable processor refresh and Intel® Optane Data Center persistent memory modules on UCS Intel-based M5 servers

  • Improved memory RAS features on M5 servers

  • Support for a new SIOC with S3260 storage servers

  • Support for Hyperflex 3.5 and later releases

  • Support for new peripherals

New Features in Release 4.0

Cisco UCS Manager, Release 4.0 is a unified software release for all supported UCS hardware platforms.

New Hardware Features

New Software Features

New Hardware in Release 4.0(4e)

Peripherals

Support for the Cisco UCS 2408 Fabric Extender (UCS-IOM-2408).

New Hardware in Release 4.0(4c)

Intel NVMe P4510/4511 and P4610 Drive Support

Cisco UCS Manager Release 4.0(4c) introduces firmware support for the following NVMe drives on blade and rack servers:

NMVe Drive

PID for Blade Servers

PID for Rack Servers

Intel P4510 1TB (SSDPE2KX010T8K)

UCSB-NVME2H-I1000

UCSC-NVME2H-I1000

Intel P4510 2TB (SSDPE2KX020T8K)

UCSB-NVME2H-I2TBV

UCSC-NVME2H-I2TBV

Intel P4510 4TB (SSDPE2KX040T8K)

UCSB-NVME2H-I4000

UCSC-NVME2H-I4000

Intel P4510 8TB (SSDPE2KX080T8K)

UCSB-NVMEHW-I8000

UCSC-NVMEHW-I8000

Intel P4610 1.6TB (SSDPE2KE016T8K)

UCSB-NVME2H-I1600

UCSC-NVME2H-I1600

Intel P4610 3.2TB (SSDPE2KE032T8K)

UCSB-NVME2H-I3200

UCSC-NVME2H-I3200

New Hardware in Release 4.0(4a)

Second Generation Intel® Xeon® Scalable Processors

Cisco UCS Manager Release 4.0(4a) introduces support for Second Generation Intel® Xeon® Scalable processors on the following servers:

  • Cisco UCS B200 M5 Server

  • Cisco UCS B480 M5 Server

  • Cisco UCS C220 M5 Server

  • Cisco UCS C240 M5 Server

  • Cisco UCS C480 M5 Server

  • Cisco UCS S3260 M5 Server

Intel® Optane Data Center Persistent Memory Modules

Intel® Optane Data Center persistent memory modules can be used only with the Second Generation Intel® Xeon® Scalable processors.

Cisco UCS Manager Release 4.0(4a) introduces support for the Intel® Optane DC persistent memory modules on the following servers that are based on the Second Generation Intel® Xeon® Scalable processors:

  • Cisco UCS B200 M5 Server

  • Cisco UCS B480 M5 Server

  • Cisco UCS C220 M5 Server

  • Cisco UCS C240 M5 Server

  • Cisco UCS C480 M5 Server

  • Cisco UCS S3260 M5 Server

Intel® Optane DC persistent memory modules support 128GB, 256GB and 512GB of persistent memory. This can be configured through Cisco UCS Manager or the host Operating System tools.

Peripherals

  • Support for NVIDIA T4 16GB GPU cards (UCSC-GPU-T4-16) on the following servers:

    • UCS C220 M5

    • UCS C240 M5

    • UCS C480 M5

  • Support for AMD Radeon Pro V340, 2X16GB, 300W GPU cards (UCSC-GPU-V340)

  • Support for the Cisco UCS 2304V2 Fabric Extender (UCS-IOM-2304V2)

  • Support for Mellanox MCX4121A-ACAT Dual Port 10/25G SFP28 NIC (UCSC-P-M4D25GF)

  • Support for the QLogic QL45611HLCU single port 100GbE PCIe NIC (UCSC-PCIE-QS100GF) on all UCS M5 servers except Cisco UCS C125 M5 Server.

  • Support for the Cisco QSFP 40/100 Gb (QSFP-40/100G-SRBD) dual-rate bi-directional (BiDi) transceiver on UCS 6454 Fabric Interconnects.

  • Hardware RAID support for Cisco Boot Optimized M.2 RAID Controller (UCS-M2-HWRAID) on the following servers:

    • Cisco UCS C220 M5 Server

    • Cisco UCS C240 M5 Server

    • Cisco UCS C480 M5 Server

    • Cisco UCS B200 M5 Server

    • Cisco UCS B480 M5 Server

New Hardware in Release 4.0(2a)

Cisco UCS C480 M5 ML Server

The Cisco UCS C480 M5 ML Rack Server is a purpose-built server for Deep Learning. It is storage- and I/O-optimized for training models. The Cisco UCS C480 M5 ML Server delivers outstanding levels of storage expandability and performance options for standalone or Cisco UCS-managed environments in a 4RU form factor. It offers these capabilities:

  • 8 NVIDIA SXM2 V100 32G modules with NVLink interconnect

  • Latest Intel® Xeon® Scalable processors with up to 28 cores per socket and support for two processor configurations

  • 2666-MHz DDR4 memory and 24 DIMM slots for up to 3 terabytes (TB) of total memory

  • 4 PCI Express (PCIe) 3.0 slots for up to 4 10/25 or 40/100G Cisco VICs (VIC 1455 and VIC 1495)

  • Flexible storage options with support for up to 24 Small-Form-Factor (SFF) 2.5-inch, SAS/SATA Solid-State Disks (SSDs) and Hard-Disk Drives (HDDs)

  • Up to 6 PCIe NVMe disk drives

  • Cisco 12-Gbps SAS Modular RAID Controller in a dedicated slot

  • M.2 boot options

  • Dual embedded 10 Gigabit Ethernet LAN-On-Motherboard (LOM) ports

UCS VIC 1400 Series Adapters

Support for the following new UCS VIC 1400 Series adapters on UCS M5 servers and UCS C125 servers:

  • VIC 1495 40/100G PCIe for C-Series (UCSC-PCIE-C100-04)

  • VIC 1497 40/100G mLOM for C-Series (UCSC-MLOM-C100-04)

This release introduces support for 40G Ethernet connections between the UCS 6300 Series Fabric Interconnects and C-Series servers in direct connect mode while using VIC 1495 or VIC 1497.

In this release, UCS VIC 1400 Series adapters for B-Series are supported on UCS Mini Fabric Interconnects. UCS 6454, UCS 6300 Series, and 6200 Series Fabric Interconnects support all UCS VIC 1400 Series adapters.


Note

Cisco C-Series servers cannot be integrated with Cisco UCS Manager using a combination of Cisco UCS 6324 Fabric Interconnect and Cisco UCS VIC 14xx.



Note

You cannot install VIC adapters from different series on the same server. For example, you cannot install UCS VIC 1300 Series adapters and UCS VIC 1400 Series adapters on the same server.


The following tables illustrate the supported VIC 1400 Series adapter/server combinations for Cisco UCS Manager Release 4.0(2):

Table 1. VIC 1400 Series Adapter Support for M5 B-Series Servers

FI

IOM

1400 Series VIC Adapters

VIC 1440

VIC 1440 + Port Expander

VIC 1480

VIC 1440 + VIC 1480

UCSB-MLOM-40G-04

UCSB-MLOM-40G-04 + UCSB-MLOM-PT-01

UCSB-VIC-M84-4P

UCSB-MLOM-40G-04 + UCSB-VIC-M84-4P

6200 Series

2204/2208

B480 M5, B200 M5

NA

B480 M5

B480 M5, B200 M5

6300 Series

2304

B480 M5, B200 M5

B480 M5, B200 M5

B480 M5

B480 M5, B200 M5

2204/2208

B480 M5, B200 M5

NA

B480 M5

B480 M5, B200 M5

6454

2204/2208

2408

Note: Support for 2408 (B-Series M4 and M5 servers) was added in Release 4.0(4e)

B480 M5, B200 M5

NA

B480 M5

B480 M5, B200 M5

6324 (UCS Mini

NA

B480 M5, B200 M5

NA

B480 M5

B480 M5, B200 M5

2204/2208

NA

NA

NA

NA

Table 2. VIC 1400 Series Adapter Support for M5 C-Series and S-Series Servers

FI

FEX

1400 Series VIC Adapters

VIC 1455

VIC 1457

VIC 1495

VIC 1497

UCSC-PCIE-C25Q-04

UCSC-MLOM-C25Q-04

UCSC-PCIE-C100-04

UCSC-MLOM- C100-04

6200 Series

Direct Attach

C220 M5, C240 M5, C480 M5, C480 M5 ML, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

NA

NA

2232 PP

C220 M5, C240 M5, C480 M5, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

NA

NA

2232-T

NA

NA

NA

NA

6300 Series

Direct Attach

C220 M5, C240 M5, C480 M5, C125 M5, C480 M5 ML, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

C220 M5, C240 M5, C480 M5, C125 M5, C480 M5 ML, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

Direct Attach (Break-out)

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

C220 M5, C240 M5, C480 M5, C125 M5, C480 M5 ML, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

2232 PP

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

NA

NA

2232-T

NA

NA

NA

NA

2348

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

NA

NA

6454

Direct Attach (10G/25G)

C220 M5, C240 M5, C480 M5, C125 M5, C480 M5 ML, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

NA

NA

2232 PP

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260 -PCISIOC)

C220 M5, C240 M5

NA

NA

2232-T

NA

NA

NA

NA

2348

NA

NA

NA

NA

6324 (UCS Mini

Direct Attach (10G)

NA

NA

NA

NA

Direct Attach (Break-out)

NA

NA

NA

NA

For more details regarding server and adapter combinations, refer the Server Spec Sheets:

UCS Mini with UCS VIC 1400 Series Adapters

Starting with Cisco UCS Manager Release 4.0(2), UCS Mini (6324) Fabric Interconnects support the following UCS VIC 1400 Series adapters for B-Series servers on the primary chassis:

  • UCSB-MLOM-40G-04 (UCS VIC 1440)

  • UCSB-VIC-M84-4P (UCS VIC 1480)

Peripherals

  • Support for NVIDIA V100 PCIe PG500-200 250W 32GB GPU cards (UCSC-GPU-V100-32) for UCS C240 M5 servers.

  • Support for TPM2 (UCSX-TPM2-002-C) for all UCS servers.

  • Support for hot-plug NVMe drive support on HyperFlex.

  • Support for the High Voltage DC 1200 Watt Power Supply (N9K-PUV-1200W) on UCS 6454 Fabric Interconnects

  • Support for Intel® OptaneTM NVMe Extreme Performance Drives (UCSC-NVMEXP-I750)

  • Support for the QLogic 10G Network Adapter card (UCSC-PCIE-QD10GC) on UCS C125.

  • Support for the QLogic 25G Network Adapter card (UCSC-PCIE-QD25GF) on UCS C125.

  • Support for the QLogic 100G Network Adapter card (UCSC-PCIE-QS100GF) on UCS C480 M5 ML.

New Hardware in Release 4.0(1a)

Fourth Generation Fabric Interconnect

The Cisco UCS 6454 Fabric Interconnect is a core part of the Cisco Unified Computing System, providing both network connectivity and management capabilities for the system. The Cisco UCS 6454 offers line-rate, low-latency, lossless 10/25/40/100 Gigabit Ethernet, Fibre Channel over Ethernet (FCoE), and Fibre Channel functions.

The Cisco UCS 6454 54-Port Fabric Interconnect is a one-rack-unit (1RU) 10/25/40/100 Gigabit Ethernet, FCoE and Fibre Channel switch offering up to 3.82 Tbps throughput and up to 54 ports. The switch has 40 10/25-Gbps fixed Ethernet, 8 10/25-Gbps Ethernet or 8/16/32G Fibre Channel ports and 6 40/100-Gbps Ethernet uplink ports. All Ethernet ports are capable of supporting FCoE.

Cisco UCS C125 M5 Server

Cisco UCS Manager 4.0(1) supports Cisco UCS C125 M5 Servers on UCS 6300 Series and UCS 6454 Fabric Interconnects. The C125 M5 server is Cisco’s first server based on AMD EPYC™ processors. Cisco UCS C125 M5 Servers are housed in the Cisco UCS C4200 Series rack server chassis. Each Cisco UCS C4200 Series rack server chassis supports two to four Cisco UCS C125 M5 Server nodes. The Cisco UCS C125 M5 Server supports the following peripherals:

  • Dual Port 10Gbase-T and 10G/25G SFP28 OCP cards

  • Cisco 12G 9460-8i PCIe 12G SAS RAID controller

  • 32 GB, 64 GB, and 128 GB SD cards

  • 32GB Micro-SD card


    Note

    This is not managed through Cisco UCS Manager.


  • 240 GB and 960 GB M.2 SATA SSD drives

  • 16 GB Flash USB drive


    Note

    This is not managed through Cisco UCS Manager.


  • Mini Storage Carriers for SD and M.2 SATA

  • On-board AHCI controllers

New Generation SIOC for Cisco UCS S3260 Storage Servers

Cisco UCS S3260 Storage Server system supports a new server SIOC UCS-S3260-PCISIOC with S3260 M5 servers. This SIOC has PCIe slots to replace the network adapters. These slots support both Cisco VIC and third-party adapters. Additionally, the new SIOC has two NVME slots. For a complete list of supported cards and adapters, see the Cisco UCS S3260 Server Integration with Cisco UCS Manager, Release 4.0 guide.

UCS VIC 1400 Series Adapters

Support for the following UCS VIC 1400 Series adapters on UCS M5 servers:

  • VIC 1440 10/40G mLOM for B-Series (UCSB-MLOM-40G-04)

  • VIC 1480 10/40G PCIe for B-Series (UCSB-VIC-M84-4P)

  • VIC 1455 10/25G PCIe for C-Series and S-Series (UCSC-PCIE-C25Q-04)

  • VIC 1457 10/25G mLOM for C-Series (UCSC-MLOM-C25Q-04)

In Cisco UCS Manager Release 4.0(1), UCS VIC 1400 Series adapters are supported on UCS 6454, UCS 6300 Series, and 6200 Series Fabric Interconnects. They are not supported on UCS Mini. This release supports 10G/25G Ethernet connections between the UCS 6454 Fabric Interconnect and C-Series servers that have VIC 1455 or VIC 1457.


Note

You cannot install VIC adapters from different series on the same server. For example, you cannot install UCS VIC 1300 Series adapters and UCS VIC 1400 Series adapters on the same server.


The following tables illustrate the supported VIC 1400 Series adapter/server combinations for Cisco UCS Manager Release 4.0(1):

Table 3. VIC 1400 Series Adapter Support for M5 B-Series Servers

FI

IOM

1400 Series VIC Adapters

VIC 1440

VIC 1440 + Port Expander

VIC 1480

VIC 1440 + VIC 1480

UCSB-MLOM-40G-04

UCSB-MLOM-40G-04 + UCSB-MLOM-PT-01

UCSB-VIC-M84-4P

UCSB-MLOM-40G-04 + UCSB-VIC-M84-4P

6200 Series

2204/2208

B480 M5, B200 M5

NA

B480 M5

B480 M5, B200 M5

6300 Series

2304

B480 M5, B200 M5

B480 M5, B200 M5

B480 M5

B480 M5, B200 M5

2204/2208

B480 M5, B200 M5

NA

B480 M5

B480 M5, B200 M5

6454

2204/2208

B480 M5, B200 M5

NA

B480 M5

B480 M5, B200 M5

Table 4. VIC 1400 Series Adapter Support for M5 C-Series and S-Series Servers

FI

FEX

1400 Series VIC Adapters

VIC 1455

VIC 1457

UCSC-PCIE-C25Q-04

UCSC-MLOM-C25Q-04

6200 Series

Direct Attach

C220 M5, C240 M5, C480 M5, S3260 M5 (with UCS-S3260-PCISIOC)

C220 M5, C240 M5

2232 PP

C220 M5, C240 M5, C480 M5, S3260 M5 (with UCS-S3260-PCISIOC)

C220 M5, C240 M5

2232-T

NA

NA

6300 Series

Direct Attach

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260-PCISIOC)

C220 M5, C240 M5

Direct Attach (Break-out)

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260-PCISIOC)

C220 M5, C240 M5

2232 PP

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260-PCISIOC)

C220 M5, C240 M5

2232-T

NA

NA

2348

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260-PCISIOC)

C220 M5, C240 M5

6454

Direct Attach (10G/25G)

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260-PCISIOC)

C220 M5, C240 M5

2232 PP

C220 M5, C240 M5, C480 M5, C125 M5, S3260 M5 (with UCS-S3260-PCISIOC)

C220 M5, C240 M5

2232-T

NA

NA


Note

For more details regarding server and adapter combinations, refer the Server Spec Sheets:


Peripherals

  • Support for the HX-PCIE-OFFLOAD-1 co-processor card with C240Hx M5 servers

  • Support for the High Voltage DC 1200 Watt Power Supply N9K-PUV-1200W on UCS 6332-16UP fabric interconnects

  • Intel Optane NVMe Med. Performance Drives for M5 servers including C220, C240, C480, B200, B480, and S3260 and Hyperflex equivalents.

  • Support for the LSI 9400-8e external SAS HBA on UCS C220, C240, C480 M5 servers.

New Software Features in Release 4.0(4e)

Support for UCS Fabric Extender 2408

UCS Fabric Extender 2408 (UCS-IOM-2408) enables deployment flexibility by supporting 10/25 GbE connectivity to B-Series M4 and M5 servers only on UCS 6454 Fabric Interconnects.

New Software Features in Release 4.0(4c)

ADDDC RAS Changes

  • Adaptive Double Device Data Correction (ADDDC) is a memory RAS feature that enables dynamic mapping of failing DRAM by monitoring corrected errors and taking action before uncorrected errors can occur and cause an outage. It is now enabled by default.

    After ADDDC sparing remaps a memory region, the system could incur marginal memory latency and bandwidth penalties on memory bandwidth intense workloads that target the impacted region. Cisco recommends scheduling proactive maintenance to replace a failed DIMM after an ADDDC RAS fault is reported.

BIOS Updates

  • Default for Select Memory RAS configuration token changed from Maximum Performance to ADDDC sparing for all M5 servers.

Intel ® VMD Enhancements to NVME

Support for Intel Volume Management Devices (VMD) for local storage on 4.0(4c) and later releases. Optional VMD driver .iso packages are available on the Cisco download site for the following Operating Systems:

  • RHEL 7.3, 7.4, 7.5, 7.6

  • CENTOS 7.3, 7.4, 7.5, 7.6

  • SLES-15, SLES-15 v4

  • Windows 2016, Windows 2019

  • ESXi 6.5U2, 6.7U1, 6.7U2

  • Ubuntu 18.04.1

Enhanced features provided by VMD provide support for hot-plugging of PCIe Solid State Drives (SSD), as well as the ability to use a command line interface to configure blinking patterns to indicate drive status.

New Software Features in Release 4.0(4a)

Software Enablement for New Hardware (Listed in the New Hardware section)

Intel® Optane Data Center Persistent Memory Modules

Cisco UCS Manager Release 4.0(4) introduces support for the Intel® Optane Data Center persistent memory modules on the UCS M5 servers that are based on the Second Generation Intel® Xeon® Scalable processors. Intel® Optane DC persistent memory modules can be used only with the Second Generation Intel® Xeon® Scalable processors.

This release provides the ability to configure and manage Intel® Optane DC persistent memory modules through Cisco UCS Manager. Persistent memory modules are non-volatile memory modules that bring together the low latency of memory and the persistence of storage. Data stored in persistent memory modules can be accessed quickly compared to other storage devices, and is retained across power cycles.

Cisco UCS 6454 Fabric Interconnect Enhancements

  • Multicast MAC-Filtering—This enhancement allows hosts to register for the type of traffic to be received, and facilitates traffic forwarding to vNICs based on this criteria.

  • The number of unified ports have been increased from 8 to 16. Beginning with Cisco UCS Manager Release 4.0(4), the port numbering for Cisco UCS 6454 Fabric Interconnects is:

    Table 5. Port Numbering for UCS 6454 Fabric Interconnects

    Ports

    Description

    Ports

    Description

    1-16

    Unified Ports can operate as 10/25 Gbps Ethernet or 8/16/32 Gbps Fibre Channel. FC ports are converted in groups of 4 ports by the first 4 ports (port 1 to 4) or the first 8 ports (port 1 to 8).

    17-44

    Each port can operate as either a 10 Gbps or 25 Gbps SFP28 port.

    45-48

    Each port can operate as a 1 Gbps, 10 Gbps, or 25 Gbps Ethernet or FCoE port.

    49-54

    Each uplink port can operate as either a 40 Gbps or 100 Gbps Ethernet or FCoE port. When using a breakout cable, each of these ports can operate as 4 x 10 Gbps or 4 x 25 Gbps Ethernet or FCoE ports.

    Ports 49-54 can be used only to connect to Ethernet or FCoE uplink ports, and not to UCS server ports.

  • Support for FCoE uplink ports in Fibre Channel switch mode on the Cisco UCS 6454 Fabric Interconnect.

  • Maximum of 8 FCoE SAN uplink port channels are supported per Cisco UCS 6454 Fabric Interconnect, in both FC switch mode and FC end-host mode. A maximum of 4 FC SAN port channels are supported per Cisco UCS 6454 Fabric Interconnect.

    If a Cisco UCS 6454 Fabric Interconnect has a mix of FC SAN port channels and FCoE SAN port channels, they cannot exceed 8 port channels in total.

Support for UCS Fabric Extender 2304V2

UCS Fabric Extender 2304V2 (UCS-IOM-2304V2) is based on UCS Fabric Extender 2304, I/O module with eight 40-Gigabit backplane ports and four 40-Gigabit uplink ports.

Feature Enhancements

  • Consistent Device Naming (CDN) support for SUSE Linux Enterprise Server (SLES)—CDN support has been expanded to include SLES 12 SP3, SLES 12 SP4, and SLES 15.

  • Intel Speed Select—Intel Speed Select allows you to optimize CPU performance by selecting one of three operating profiles, based on the number of logical processor cores, frequency, and TDP thread setting. You can configure Intel Speed Select within a BIOS policy. At boot time, the BIOS discovers the supported CPU and configures it to one of three user-specified profiles.

  • MSwitch Disaster Recovery—This enhancement enables you to recover a corrupted MSwitch and roll back to a previous working firmware.

  • Alternate KVM Port—You can configure a port number between 1024 and 49151 as the KVM port.

  • Disk Scrub for UCS S3260 M4 and M5 servers—This release extends the disk scrub feature for UCS S3260 M4 and M5 servers. For a server associated with a service profile, disk scrub occurs during disassociation, based on the scrub policy used in the service profile.

  • Unified driver support for Fibre Channel and NVMe over Fibre Channel on SLES 12 SP4, SLES 15, and RHEL 7.6. This is in addition to being previously supported on SLES 12 SP3. This support is available on UCS 6300 Series Fabric Interconnects and UCS 6454 Fabric Interconnects. NVMe over Fibre Channel now supports up to 16 interfaces.

  • Support for signed drivers in all supported Linux platforms. All Cisco Linux drivers are now cryptographically signed, which means that they can be used with UEFI Secure Boot on all supported Linux platforms. UEFI Secure Boot ensures that only trusted firmware and drivers are allowed to run at system boot, decreasing vulnerability to malware at boot time.

  • Hardware RAID support for Cisco Boot Optimized M.2 RAID Controller (UCS-M2-HWRAID) on the following servers:

    • Cisco UCS C220 M5 Server

    • Cisco UCS C240 M5 Server

    • Cisco UCS C480 M5 Server

    • Cisco UCS B200 M5 Server

    • Cisco UCS B480 M5 Server

New Software Features in Release 4.0(2a)

Software Enablement for New Hardware (Listed in the New Hardware section)

Cisco UCS 6454 Fabric Interconnect Enhancements

This release introduces support for the following features on the Cisco UCS 6454 Fabric Interconnect:

  • Support for Ethernet and Fibre Channel switching modes.

    In the Ethernet switching mode:

    • VLAN Port Count Optimization Enabled is not supported. Without VLAN Port Count Optimization Enabled, the Cisco UCS 6454 Fabric Interconnect supports 16000 PV count.

    In the Fibre Channel switching mode:

    • FCoE uplink is not supported

  • Support for splitting a single 40/100G QSFP port into four 10/25G ports using a supported breakout cable. These ports can be used only as Ethernet uplink or FCoE uplink ports connecting to a 10/25G switch. They cannot be configured as server ports, FCoE storage ports, appliance ports or monitoring ports.

  • Support for MAC Security on Cisco UCS 6454 Fabric Interconnects

Cisco UCS C480 M5 ML Server

This release introduces support for Cisco UCS C480 M5 ML Servers.

The following features are not supported on Cisco UCS C480 M5 ML Servers:
  • Rear NVME cage and PCIe NVME Switch Card

  • Rear auxilliary drive cage

  • Cisco 12G 9460-8i RAID controller (UCSC-SAS9460-8i)

UCS VIC 1400 Series Adapter Enhancements

This release adds support for the newly introduced UCS VIC 1495 and 1497 adapters on UCS M5 servers.

The UCS VIC 1400 Series adapters now support the following features:

  • Support for UCS Mini on UCS VIC 1440 and UCS VIC 1480 adapters on the primary chassis.

  • Support for NVMe over Fibre Channel, which defines a mapping protocol for applying the NVMe interface to Fibre Channel. This release adds support for the FC NVME Initiator adapter policy on UCS 6300 Series Fabric Interconnects and UCS 6454 Fabric Interconnects.

    FC NVME Target and FC Target are available as Tech Preview options.

  • FC Multi Queue—Enhanced I/O queue range support for FC Multi Queue. The new range is between 1 and 64 queues.

  • Support for Windows 2016 VMQ and SET.

  • Increased Tx and Rx queues for the eNIC driver—Is supported on all VIC 1400, 1300, and 1200 Series adapter cards on B-series and C-series servers. To efficiently use this speed, the number of Tx and Rx queues have been increased from 8 to 256 each. The eNIC driver now supports 256 Tx queues and 256 Rx queues. However, the maximum number of supported Rx and Tx queues cannot be more than the number of CPU cores in the system.

Out of Band NVME Support on New Generation SIOC for Cisco UCS S3260 Storage Servers

Enhancement to support out of band NVME on the UCS-S3260-PCISIOC new generation SIOC for S3260 M5 servers.

Feature Enhancements

  • UCS Mini Fabric Interconnect Enhancements⎯Cisco UCS Manager Release 4.0(2) introduces the following enhancements for Cisco UCS Mini:

    • Cisco UCS Mini Fabric Interconnects now support the following VIC 1400 Series adapter cards for B-Series servers on the primary chassis:

      • UCSB-MLOM-40G-04 (UCS VIC 1440)

      • UCSB-VIC-M84-4P (UCS VIC 1480)

    • Cisco UCS Mini Fabric Interconnects with VIC 1300 Series adapter cards now support the following features:

      • usNIC

      • VXLAN

      • NetFlow

  • Slow Drain—Cisco UCS Manager Release 4.0(2) introduces the QoS Slow Drain Detection and Mitigation feature on Cisco UCS 6454 Fabric Interconnects. This feature provides various enhancements that enable you to detect slow drain devices that cause congestion in the network, and also mitigate it.

  • Simplified RAID0 Configuration—Cisco UCS Manager provides the ability to configure a range of disk slots into individual RAID0 LUNs by using the LUN set option.

  • Support for SED security policies on B-Series M5 servers—Cisco UCS Manager Release 4.0(2) extends the SED security policies to UCS B-Series M5 servers.

  • Support for Redfish version 1.01 on UCS C-Series servers that are attached to the Fabric Interconnect.

  • Life Left on NVMe drives—NVMe statistics are now enhanced to display Life Left on NVMe drives based on their workload.

  • Parallel Disk Update—Support for parallel firmware update on multiple disks.

  • Support for optimized memory initialization and test processes to reduce boot times on UCS M5 servers—Cisco UCS Manager Release 4.0(2) introduces the following BIOS tokens to improve boot time for UCS M5 servers:

    • Adaptive Memory Training Control

    • OptionROM Launch Optimization Control

    • BIOS Tech Message Level Control

    The default value for all three tokens is Enabled.

  • Certificate Manager for Device Connector—The Certificate Manager allows you to view a list of trusted certificates and import a valid trusted certificate.

New Software Features in Release 4.0(1a)

Software Enablement for New Hardware (Listed in the New hardware section)

Cisco UCS 6454 Fabric Interconnect

This release introduces Cisco UCS 6454 Fabric Interconnects that support 10/25 Gigabit ports in the fabric with 40/100 Gigabit uplink ports. The Cisco UCS Manager Getting Started Guide, Release 4.0 provides details about the specific ports.

New Features Supported

The Cisco UCS 6454 Fabric Interconnect introduces the following new features:

  • Support for 10/25 Gigabit ports in the fabric with 40/100 Gigabit uplink ports

  • Support for VIC 1400 Series adapters

  • 128 additional VLANs reserved for internal usage

  • Forward Error Correction (FEC) configurations for ports

Legacy Features Not Supported

The following features are not supported on Cisco UCS 6454 Fabric Interconnects:

  • Chassis Discovery Policy in Non-Port Channel Mode

  • Chassis Connectivity Policy in Non-Port Channel Mode

  • Ethernet or FC switching modes

  • Service profiles with dynamic vNICs

  • Multicast Optimize for QoS

  • Netflow

  • MAC security

  • Port profiles and distributed virtual switches

  • VMFEX

Features Configured Differently

The following features are configured differently on Cisco UCS 6454 Fabric Interconnects:

  • Unified Ports—Cisco UCS 6454 fabric interconnects support up to 8 unified ports, which can be configured as FC.

  • VLAN Optimization—On Cisco UCS 6454 Fabric Interconnects, the PV count is as follows:

    • with VLAN port count optimization disabled—16000

    • with VLAN port count optimization enabled—64000

Cisco UCS C125 M5 Server

This release introduces support for Cisco UCS C125 M5 Servers.

The following are the two main differences between C125 M5 servers and other rack servers.

  • Power capping is not supported on Cisco UCS C125 M5 Servers.

  • For Cisco UCS C125 M5 Servers, ensure that you select the same Fan Speed Policy for all the servers in an enclosure. Cisco UCS Manager applies the Fan Speed Policy of the server which gets associated last. Having the same Fan Speed Policy for the all the server ensures that the desired Fan Speed Policy is applied irrespective of which server is associated last.

UCS VIC 1400 Series Adapters

Support for UCS VIC 1400 Series adapters on UCS M5 servers.

These adapters introduce support for the following new features:

  • Stateless offloads with VxLAN and NVGRE encapsulation for Windows

  • VMMQ for Windows

  • UDP RSS for ESXi and Linux

  • IPv6 Header support

  • NetFlow

  • QoS support

  • Port channel support with UCS VIC 1455 and 1457 adapters


    Note

    Cisco UCS Manager Release 4.0(1) supports only single link port channel for FC/FCoE between VIC 1455 or 1457 adapters that are on direct-connect rack-servers, and UCS 6300 Series Fabric Interconnects.



    Note

    In the port-channel, both ports should have same speed.


The following features are not supported on UCS VIC 1400 Series adapters:

  • VM-FEX for Hyper-V

  • VM-FEX for VMware

  • Dynamic vNICs

  • A port channel with four member ports on UCS VIC 1455 and 1457 adapters

  • usNIC on Cisco UCS C125 M5 Servers

New Generation SIOC for Cisco UCS S3260 Storage Servers

Support for S3260 M5 servers with a new server SIOC UCS-S3260-PCISIOC and the VIC 1400 Series adapter cards.

Feature Enhancements

  • Pre-enablement support for Hyperflex 3.5 release features

  • Support for KMIP client on C480 M5 to support integration with key management servers

  • Support for the IPv6 option on PXE boot devices on Cisco UCS Manager managed C-Series and S-Series M4 servers.

  • Support for the Login Profile feature, which provides the ability to block login requests to Cisco UCS Manager for a specific period after failed login attempts. This feature is currently supported only on UCS 6454 Fabric Interconnects and on Cisco UCS Manager Release 4.0(1) and later releases.

Deprecated Hardware and Software in Cisco UCS Manager Release 4.0

Cisco UCS Manager Release 4.0 does not support UCS B-Series M2 generation blade servers. Cisco UCS Manager Release 4.0 does not support hardware or software that was deprecated in previous releases of Cisco UCS Manager.

Cisco UCS Manager and Cisco UCS C-Series Release Compatibility Matrix for C-Series Rack-Mount Servers

Cisco UCS C-Series Rack-Mount Servers are managed by built-in standalone software— Cisco Integrated Management Controller(Cisco IMC). However, when a C-Series Rack-Mount Server is integrated with Cisco UCS Manager, the Cisco IMC does not manage the server anymore.

Each Cisco UCS Manager release incorporates its corresponding C-Series Standalone release and some previous C-Series standalone releases. For example, Cisco UCS Manager Release 4.0(1) is integrated with C-Series Standalone Release 4.0(1) for the M5 servers and Release 3.0(4) for all M3 and M4 servers. Hence, it supports all the M5, M4 and M3 servers supported by C-Series Standalone releases.

The following table lists the Cisco UCS Manager and C-Series software standalone releases for C-Series Rack-Mount Servers:

Table 6. Cisco UCS Manager and C-Series Software releases for C-Series Servers

Cisco UCS Manager Release

C-Series Standalone Releases Included

C-Series Servers Supported by the C-Series Standalone Releases

4.0(4)

4.0(4)

C220 M5, C240 M5, C480 M5, S3260 M5, C480 M5 ML only

4.0(2)

C220 M4, C240 M4, C460 M4, S3260 M4, C125 M5 only

3.0(4)

All M3

4.0(2)

4.0(2)

C220 M4, C240 M4, C460 M4, C220 M5, C240 M5, C480 M5, S3260 M4, S3260 M5, C125 M5, C480 M5 ML only

3.0(4)

All M3

4.0(1)

4.0(1)

C220 M4, C240 M4, C460 M4, C220 M5, C240 M5, C480 M5, S3260 M4, S3260 M5, C125 M5 only

3.0(4)

All M3

3.2(3)

3.1(3)

C220 M5, C240 M5, C480 M5, S3260 M5 only

3.0(4)

All M3/M4

3.2(2)

3.1(2)

C220 M5, C240 M5, C480 M5 only

3.0(3)

All M3/M4

3.2(1)

3.1(1)

C220 M5, C240 M5 only

3.0(3)

All M3/M4

3.1(3)

3.0(3)

All M3/M4

3.1(2)

2.0(13)

All M3/M4

3.1(1)

2.0(10)

C220 M4, C240 M4 only

2.0(9)

All other M3/M4

2.2(8)

2.0(12)

C460 M4 only

2.0(10)

C220 M4, C240 M4 only

1.5(9)

C420-M3, C260-M2, C460-M2 only

2.0(9)

For all other M3/M4

System Requirements

Cisco UCS Central Integration

Cisco UCS Manager Release 4.0 can only be registered with Cisco UCS Central, Release 2.0(1f) or higher.

Supported Operating Systems

For detailed information about supported operating system, see the interactive UCS Hardware and Software Compatibility matrix.

Supported Web Browsers

Cisco UCS Manager GUI

Web Browsers

HTML5

Microsoft Internet Explorer 11 or higher

Mozilla Firefox 45 or higher

Google Chrome 45 or higher

Apple Safari version 9 or higher

Opera version 35 or higher

Network Requirements

For using the device connector feature, you must configure HTTPS proxy settings. The Cisco UCS Manager Administration Management Guide, Release 4.0 provides detailed information about configuring the device connector.

Cross-Version Firmware Support

The Cisco UCS Manager A bundle software (Cisco UCS Manager, Cisco NX-OS, IOM and FEX firmware) can be mixed with previous B or C bundle releases on the servers (host firmware [FW], BIOS, Cisco IMC, adapter FW and drivers).

The following table lists the mixed A, B, and C bundle versions that are supported on Cisco UCS 6200, 6300, and 6454 fabric interconnects:

Table 7. Mixed Cisco UCS Releases Supported on Cisco UCS 6200, 6300, 6454 Fabric Interconnects

Infrastructure Versions (A Bundles)

Host FW Versions (B or C Bundles)

2.2(8)

3.1(3)

3.2(1)

3.2(2)

3.2(3)

4.0(1)

4.0(2)

4.0(4)

2.2(8)

6200

6200

6200

6200

6200

6200

6200

6200

3.1(3)

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

3.2(1)

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

3.2(2)

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

3.2(3)

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

6200,6332, 6332-16UP

4.0(1)

6200,6332, 6332-16UP, 6454

6200,6332, 6332-16UP, 6454

6200,6332, 6332-16UP, 6454

4.0(2)

6200,6332, 6332-16UP, 6454

6200,6332, 6332-16UP, 6454

6200,6332, 6332-16UP, 6454

4.0(4)

6200,6332, 6332-16UP, 6454

6200,6332, 6332-16UP, 6454

6200,6332, 6332-16UP, 6454

The following table lists the mixed A, B, and C bundle versions that are supported on Cisco UCS Mini fabric interconnects:

Table 8. Mixed Cisco UCS Releases Supported on Cisco UCS Mini Fabric Interconnects

Infrastructure Versions (A Bundles)

Host FW Versions (B or C Bundles)

3.1(3)

3.2(1)

3.2(2)

3.2(3)

4.0(1)

4.0(2)

4.0(4)

3.1(3)

6324

6324

6324

6324

6324

6324

6324

3.2(1)

6324

6324

6324

6324

6324

6324

3.2(2)

6324

6324

6324

6324

6324

6324

3.2(3)

6324

6324

6324

6324

6324

6324

4.0(1)

6324

6324

6324

4.0(2)

6324

6324

6324

4.0(4)

6324

6324

6324

The following table lists the mixed B, C bundles that are supported on all platforms with the 4.0(4)A bundle:

Table 9. Mixed B, C Bundles Supported on All Platforms with the 4.0(4)A Bundle

Infrastructure Versions (A Bundles)

Host FW Versions (B, C Bundles)

4.0(4)

6200

6300

6324

6454

ucs-k9-bundle-infra. 4.0.x.xxx.A.bin ucs-6300-k9-bundle-infra. 4.0.x.xxx.A.bin ucs-mini-k9-bundle-infra. 4.0.x.xxx.A.bin

ucs-6400-k9 -bundle-infra. 4.0.x.xxx.A.bin

2.2(8)

(B, C Bundles)

Yes

3.1(3)

(B, C Bundles)

Yes

Yes

Yes

3.2(1), 3.2(2), 3.2(3)

(B, C Bundles)

Yes

Yes

Yes

4.0(1), 4.0(2), 4.0(4)

(B, C Bundles)

Yes

Yes

Yes

Yes

The following table lists the mixed B, C bundles that are supported on all platforms with the 4.0(2)A bundle:

Table 10. Mixed B, C Bundles Supported on All Platforms with the 4.0(2)A Bundle

Infrastructure Versions (A Bundles)

Host FW Versions (B, C Bundles)

4.0(2)

6200

6300

6324

6454

ucs-k9-bundle-infra. 4.0.x.xxx.A.bin ucs-6300-k9-bundle-infra. 4.0.x.xxx.A.bin ucs-mini-k9-bundle-infra. 4.0.x.xxx.A.bin

ucs-6400-k9 -bundle-infra. 4.0.x.xxx.A.bin

2.2(8)

(B, C Bundles)

Yes

3.1(3)

(B, C Bundles)

Yes

Yes

Yes

3.2(1), 3.2(2), 3.2(3)

(B, C Bundles)

Yes

Yes

Yes

4.0(1), 4.0(2), 4.0(4)

(B, C Bundles)

Yes

Yes

Yes

Yes

The following table lists the mixed B, C bundles that are supported on all platforms with the 4.0(1)A bundle:

Table 11. Mixed B, C Bundles Supported on All Platforms with the 4.0(1)A Bundle

Infrastructure Versions (A Bundles)

Host FW Versions (B, C Bundles)

4.0(1)

6200

6300

6324

6454

ucs-k9-bundle-infra. 4.0.x.xxx.A.bin ucs-6300-k9-bundle-infra. 4.0.x.xxx.A.bin ucs-mini-k9-bundle-infra. 4.0.x.xxx.A.bin

ucs-6400-k9 -bundle-infra. 4.0.x.xxx.A.bin

2.2(8)

(B, C Bundles)

Yes

3.1(3)

(B, C Bundles)

Yes

Yes

Yes

3.2(1), 3.2(2), 3.2(3)

(B, C Bundles)

Yes

Yes

Yes

4.0(1), 4.0(2), 4.0(4)

(B, C Bundles)

Yes

Yes

Yes

Yes


Important

If you implement cross-version firmware, you must ensure that the configurations for the Cisco UCS domain are supported by the firmware version on the server endpoints.


Internal Dependencies

The following sections provide information on the interdependencies between Cisco UCS hardware and versions of Cisco UCS Manager.

  • Version dependencies for Server FRU items such as DIMMs depend on the server type.

  • Chassis items such as fans and power supplies work with all versions of Cisco UCS Manager.

6200 Series, 6332 Series, and 6454 Fabric Interconnects and Components

Blade Servers


Note

In a mixed firmware configuration, we recommend that the minimum server bundle corresponds to the Minimum Software Version. The infrastructure must be at or above the Minimum Software Version.


Table 12. Minimum Host Firmware Versions for Blade Servers

Servers

Minimum Software Version

UCS 6200 Series FI

Minimum Software Version

UCS 6332, 6332-16UP FI

Minimum Software Version

UCS 6332, 6332-16UP FI

Minimum Software Version

UCS 6454 FI

Recommended Software Version

UCS 6200 Series FI

UCS 6332, 6332-16UP FI

UCS 6454 FI

UCS-IOM-2204

UCS-IOM-2208

UCS-IOM-2204

UCS-IOM-2208

UCS-IOM-2304

UCS-IOM-2304V2

UCS-IOM-2204

UCS-IOM-2208

UCS-IOM-2408*

UCS-IOM-2204

UCS-IOM-2208

UCS-IOM-2408*

* UCS-IOM-2408 supported on M4 and M5 only with UCS 6454 FI & VIC 1300/1400

B22 M3 E5-2400

B22 M3 E5-2400 v2

Note: M3 servers do not support the 6454 FI and 2408 IOM combination. However, they do support the 6454 FI and 2208 IOM, and 6454 FI and 2204 IOM combinations.

2.2(8a)

2.2(8a)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B200 M3 E5-2600

B200 M3 E5-2600 v2

Note: M3 servers do not support the 6454 FI and 2408 IOM combination. However, they do support the 6454 FI and 2208 IOM, and 6454 FI and 2204 IOM combinations.

2.2(8a)

2.2(8a)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B200 M4

2.2(8a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B200 M5

3.2(1d)

3.2(1d)

3.2(1d)

4.0(4i)

4.0(1a)

4.0(4i)

B260 M4 E7-2800 v2

B260 M4 E7-4800 v2

B260 M4 E7-8800 v2

B260 M4 E7-4800 v3

B260 M4 E7-8800 v3

2.2(8a)

2.2(8a)

2.2(8a)

2.2(8a)

2.2(8a)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B260 M4 E7-4800 v4

B260 M4 E7-8800 v4

2.2(8b)

2.2(8b)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B420 M3 E5-4600

B420 M3 E5-4600 v2

2.2(8a)

2.2(8a)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B420 M4 E5-4600 v3

B420 M4 E5-4600 v4

2.2(8a)

2.2(8b)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B460 M4 E7-4800 v2

B460 M4 E7-8800 v2

B460 M4 E7-4800 v3

B460 M4 E7-8800 v3

2.2(8a)

2.2(8a)

2.2(8a)

2.2(8a)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B460 M4 E7-4800 v4

B460 M4 E7-8800 v4

2.2(8b)

2.2(8b)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(4i)

4.0(1a)

4.0(4i)

B480 M5

3.2(2b)

3.2(2b)

3.2(2b)

4.0(4i)

4.0(1a)

4.0(4i)

Rack Servers

Table 13. Minimum Host Firmware Versions for Rack Servers

Servers

Minimum Software Version

UCS 6200 Series FI

Minimum Software Version

UCS 6332, 6332-16UP

Minimum Software Version

UCS 6454

Recommended Software Version

UCS 6200 Series FI

UCS 6332, 6332-16UP FI

UCS 6454

C22 M3 and M3L

2.2(8a)

3.1(3a)

4.0(1a)

4.0(4i)

C24 M3, M3L, and M3S2

2.2(8a)

3.1(3a)

4.0(1a)

4.0(4i)

C220 M3

2.2(8a)

3.1(3a)

4.0(1a)

4.0(4i)

C220 M4

2.2(8a)

3.1(3a)

4.0(1a)

4.0(4i)

C220 M5

3.2(1d)

3.2(1d)

4.0(1a)

4.0(4i)

C240 M3

2.2(8a)

3.1(3a)

4.0(1a)

4.0(4i)

C240 M4

2.2(8a)

3.1(3a)

4.0(1a)

4.0(4i)

C240 M5

3.2(1d)

3.2(1d)

4.0(1a)

4.0(4i)

C460 M4 E7-2800 v2

C460 M4 E7-4800 v2

C460 M4 E7-8800 v2

C460 M4 E7-4800 v3

C460 M4 E7-8800 v3

2.2(8a)

2.2(8a)

2.2(8a)

2.2(8a)

2.2(8a)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

C460 M4 E7-8800 v4

2.2(8b)

3.1(3a)

4.0(1a)

4.0(4i)

C480 M5

3.2(2b)

3.2(2b)

4.0(1a)

4.0(4i)

S3260 M4

3.1(2b)

3.1(3a)

4.0(1a)

4.0(4i)

S3260 M5

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

C125 M5

NA

4.0(1a) 4.0(1a)

4.0(4i) (only on UCS 6332, UCS 6332-16UP FI, and UCS 6454

C480 M5 ML

4.0(2a)

4.0(2a)

4.0(2a)

4.0(4i)

Adapters

Table 14. Minimum Software Versions for Adapters

Adapters

Minimum Software Version

UCS 6200 Series FI

Minimum Software Version

UCS 6332, 6332-16UP

Minimum Software Version

UCS 6332, 6332-16UP

Minimum Software Version

UCS 6454

Recommended Software Version

UCS 6200 Series FI

UCS 6332, 6332-16UP FI

UCS 6454

UCS-IOM-2204

UCS-IOM-2208

UCS-IOM-2204

UCS-IOM-2208

UCS-IOM-2304

UCS-IOM-2304V2

UCS-IOM-2204

UCS-IOM-2208

UCS-IOM-2204

UCS-IOM-2208

UCS-IOM-2408*

* UCS-IOM-2408 supported on M4 and M5 only with UCS 6454 FI

UCSC-P-M4D25GF (Mellanox MCX4121A-ACAT Dual Port 10/25G SFP28 NIC)

4.0(4i)

4.0(4i)

4.0(4i)

4.0(4i)

4.0(4i)

UCSC-PCIE-QS100GF (QLogic QL45611HLCU 100GbE)

4.0(4i)

4.0(4i)

4.0(4i)

4.0(4i)

4.0(4i)

UCSC-PCIE-C100-04 (UCS VIC 1495)

NA

4.0(2a)

4.0(2a)

NA

4.0(4i)(only on UCS 6332, 6332-16UP FI)

UCSC-MLOM-C100-04 (UCS VIC 1497)

NA

4.0(2a)

4.0(2a)

NA

4.0(4i)(only on UCS 6332, 6332-16UP FI)

UCSB-MLOM-40G-04 (UCS VIC 1440)

4.0(1a)

4.0(1a)

4.0(1a)

4.0(1a)

4.0(4i)

UCSB-VIC-M84-4P (UCS VIC 1480)

4.0(1a) 4.0(1a) 4.0(1a)

4.0(1a)

4.0(4i)

UCSC-PCIE-C25Q-04 (UCS VIC 1455)

4.0(1a) 4.0(1a) 4.0(1a)

4.0(1a)

4.0(4i)

UCSC-MLOM-C25Q-04 (UCS VIC 1457)

4.0(1a) 4.0(1a) 4.0(1a)

4.0(1a)

4.0(4i)

UCSC-PCIE-BD16GF (Emulex LPe31002 Dual-Port 16G FC HBA)

3.2(3a)

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-ID40GF (Intel XL710 adapter)

3.2(3a)

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-IQ10GF (Intel X710-DA4 adapter)

3.2(3a)

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-ID10GF (Intel X710-DA2 adapter)

3.2(3a)

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

XXV710-DA2 (Intel XXV710-DA2 adapter)

3.2(3a)

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-ID10GC (Intel X550-T2 adapter)

3.2(3a)

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

N2XX-AIPCI01 (Intel X520 dual port adapter)

3.2(3a)

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-ID25GF (Intel X710 25Gb Dual-port BaseT)

3.2(3a)

3.2(3a)

3.2(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-QD25GF (QLogic QL41212H 25GbE)

3.2(2b)

3.2(2b)

3.2(2b)

4.0(1a)

4.0(4i)

UCSC-PCIE-QD40GF (QLogic QL45212H 40GbE)

3.2(2b)

3.2(2b)

3.2(2b)

4.0(1a)

4.0(4i)

UCSC-PCIE-IQ10GC (Intel X710-T4)

3.2(2b)

3.2(2b)

3.2(2b)

4.0(1a)

4.0(4i)

UCSC-PCIE-QD16GF (QLogic QLE2692-CSC)

3.2(1d)

3.2(1d)

3.2(1d)

4.0(1a)

4.0(4i)

UCSC-PCIE-C40Q-03 (UCS VIC 1385)

UCSC-MLOM-C40Q-03 (UCS VIC 1387)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCS-VIC-M82-8P (UCS VIC 1280)

UCSB-MLOM-40G-01 (UCS VIC 1240)

UCSB-MLOM-PT-01 (Cisco Port Expander Card)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSB-MLOM-40G-03 (UCS VIC 1340)

UCSB-VIC-M83-8P (UCS VIC 1380)

UCSC-MLOM-CSC-02 (UCS VIC 1227)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-CSC-02 (UCS VIC 1225)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-F-FIO-1000MP (Cisco UCS Fusion ioMemory – PX600, 1.0TB)

UCSC-F-FIO-1300MP (Cisco UCS Fusion ioMemory – PX600, 1.3TB)

UCSC-F-FIO-2600MP (Cisco UCS Fusion ioMemory – PX600, 2.6TB)

UCSC-F-FIO-5200MP (Cisco UCS Fusion ioMemory – PX600, 5.2TB)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSB-FIO-1600MS (Cisco UCS Fusion ioMemory Mezzanine SX300, 1.6TB)

UCSB-FIO-1300MS (Cisco UCS Fusion ioMemory Mezzanine PX600, 1.3TB)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-INVADER-3108

UCSC-NYTRO-200GB (Cisco Nytro MegaRAID 200GB Controller)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-MLOM-C10T-02 (UCS VIC 1227T)

UCSC-PCIE-C10T-02 (UCS VIC 1225T)

UCSC-F-FIO-785M (Cisco UCS 785GB MLC Fusion ioDrive2 for C-Series Servers)

UCSC-F-FIO-365M (Cisco UCS 365GB MLC Fusion ioDrive2 for C-Series Servers)

UCSC-F-FIO-1205M (Cisco UCS 1205GB MLC Fusion ioDrive2 for C-Series Servers)

UCSC-F-FIO-3000M (Cisco UCS 3.0TB MLC Fusion ioDrive2 for C-Series Servers)

UCSC-F-FIO-1000PS (UCS 1000GB Fusion ioMemory3 PX Performance line for Rack M4)

UCSC-F-FIO-1300PS (UCSC-F-FIO-1300PS)

UCSC-F-FIO-2600PS (UCS 2600GB Fusion ioMemory3 PX Performance line for Rack M4)

UCSC-F-FIO-5200PS (UCS 5200GB Fusion ioMemory3 PX Performance line for Rack M4)

UCSC-F-FIO-6400SS (UCS 6400GB Fusion ioMemory3 SX Scale line for C-Series)

UCSC-F-FIO-3200SS (UCS 3200GB Fusion ioMemory3SX Scale line for C-Series)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-E14102B (Emulex OCe14102B-F)

2.2(8a)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-IQ10GF (Intel X710-DA4 adapter)

UCSC-PCIE-ID10GF (Intel X710-DA2 adapter)

UCSC-PCIE-ID40GF (Intel XL710 adapter)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-F-I80010 (Intel P3700 HHHL 800GB NVMe PCIe SSD)

UCSC-F-I12003 (Intel P3600 HHHL 1200GB NVMe PCIe SSD)

UCSC-F-I160010 (Intel P3700 HHHL 1600GB NVMe PCIe SSD)

UCSC-F-I20003 (Intel P3600 HHHL 2000GB NVMe PCIe SSD )

UCS-PCI25-40010 (Intel P3700 400GB NVMe PCIe SSD)

UCS-PCI25-8003 (Intel P3600 800GB NVMe PCIe SSD)

UCS-PCI25-80010 (Intel P3700 800GB NVMe PCIe SSD)

UCS-PCI25-16003 (Intel P3600 1600GB NVMe PCIe SSD)

UCSC-F-H19001 (UCS Rack PCIe/NVMe Storage 1900GB HGST SN150)

UCSC-F-H38001 (UCS Rack PCIe/NVMe Storage 3800GB HGST SN150)

UCS-PCI25-38001 (UCS PCIe/NVMe2.5"SFF Storage 3800GB HGST SN100)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-QD32GF (Qlogic QLE2742)

N2XX-AQPCI05 (Qlogic QLE2562)

UCSC-PCIE-Q2672 (Qlogic QLE2672-CSC)

UCSC-PCIE-BD32GF (Emulex LPe32002)

UCSC-PCIE-BS32GF (Emulex LPe32001)

N2XX-AEPCI05 (Emulex LPe12002)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

UCSC-PCIE-E16002 (Emulex LPe16002-M6 16G FC rack HBA)

3.2(1d)

3.2(1d)

4.0(1a)

4.0(4i)

UCSC-PCIE-ID10GC (Intel X550 Dual-port 10GBase-T NIC)

3.1(2b)

3.1(3a)

3.1(3a)

4.0(1a)

4.0(4i)

Other Hardware

We recommend that you use the latest software version for all Chassis, Fabric Interconnects, Fabric Extenders, Expansion Modules and Power Supplies. To determine the minimum software version for your mixed environment, see Cross-Version Firmware Support. The following is the list of other supported hardware:

Table 15. Supported Hardware for UCS 6454 Fabric Interconnects

Type

Details

Chassis

UCSC-C4200-SFF

N20–C6508

UCSB-5108-DC

UCSB-5108-AC2

UCSB-5108-DC2

UCSB-5108-HVDC

Fabric Interconnects

UCS 6454

Fabric Extenders

Cisco UCS 2204XP

Cisco UCS 2208XP

Cisco Nexus 2232PP

Cisco Nexus 2232TM-E

Cisco UCS 2408

Power Supplies

N9K-PUV-1200W

UCSB-PSU-2500HVDC

UCSB-PSU-2500DC48

UCSC-PSU-930WDC

UCSC-PSU2V2-930WDC

UCSC-PSUV2-1050DC

UCSC-PSU1-770W

UCSC-PSU1-1050W

UCSC-PSU2-1400

UCSC-PSU2V2-1400W

UCSC-PSU2V2-650W

UCSC-PSU2V2-1200W

UCSB-PSU-2500ACPL

UCSB-PSU-2500ACDV

N20-PAC5-2500W

Table 16. Supported Hardware for UCS 6332, UCS 6332-16UP Fabric Interconnects

Type

Details

Chassis

N20–C6508

UCSB-5108-DC

UCSB-5108-AC2

UCSB-5108-DC2

UCSB-5108-HVDC

Fabric Interconnects

UCS 6332UP

UCS 6332-16UP

Fabric Extenders

Cisco UCS 2208XP

Cisco UCS 2204XP

Cisco Nexus 2232PP

Cisco Nexus 2232TM-E

Cisco UCS 2304

Cisco UCS 2304V2

Cisco Nexus 2348UPQ

Power Supplies

UCSB-PSU-2500HVDC

UCSB-PSU-2500DC48

UCSC-PSU-930WDC

UCSC-PSU2V2-930WDC

UCSC-PSUV2-1050DC

UCSC-PSU1-770W

UCSC-PSU1-1050W

UCSC-PSU2-1400

UCSC-PSU2V2-1400W

UCSC-PSU2V2-650W

UCSC-PSU2V2-1200W

UCSB-PSU-2500ACPL

UCSB-PSU-2500ACDV

N20-PAC5-2500W

N9K-PUV-1200W


Note

The 40G backplane setting is not applicable for 22xx IOMs.


Table 17. Supported Hardware for UCS 6200 Fabric Interconnects

Type

Details

Chassis

N20–C6508

UCSB-5108-DC

UCSB-5108-AC2

UCSB-5108-DC2

UCSB-5108-HVDC

Fabric Interconnects

UCS 6248UP

UCS 6296UP

Fabric Extenders

UCS 2208XP

UCS 2204XP

Cisco Nexus 2232PP

Cisco Nexus 2232TM-E

Expansion Modules

UCS-FI-E16UP

Power Supplies

UCSB-PSU-2500HVDC

UCSB-PSU-25004DC48

UCSC-PSU-930WDC

UCSC-PSU2V2-930WDC

UCSC-PSUV2-1050DC

UCSC-PSU1-770W

UCSC-PSU1-1050W

UCSC-PSU2-1400

UCSC-PSU2V2-1400W

UCSC-PSU2V2-650W

UCSC-PSU2V2-1200W

UCSB-PSU-2500ACPL

UCSB-PSU-2500ACDV

N20-PAC5-2500W

GB Connector Modules, Transceiver Modules, and Cables

Following is the list of Gb connector modules, transceiver modules, and supported cables:


Note


Table 18. Supported Transceiver Modules and Cables for GB Connector Modules

Gb Connector Modules

Transceiver Modules and Cables

FC for UCS 6454 Fabric Interconnects

DS-SFP-FC8G-SW

DS-SFP-FC8G-LW

DS-SFP-FC16G-SW

DS-SFP-FC16G-LW

DS-SFP-FC32G-SW

DS-SFP-FC32G-LW

100-Gb for UCS 6454 Fabric Interconnects

QSFP-40/100G-SRBD

QSFP-100G-SR4-S

QSFP-100G-LR4-S

QSFP-100G-SM-SR

QSFP-100G-CU1M

QSFP-100G-CU2M

QSFP-100G-CU3M

QSFP-100G-AOC1M

QSFP-100G-AOC2M

QSFP-100G-AOC3M

QSFP-100G-AOC5M

QSFP-100G-AOC7M

QSFP-100G-AOC10M

QSFP-100G-AOC15M

QSFP-100G-AOC20M

QSFP-100G-AOC25M

QSFP-100G-AOC30M

40-Gb for UCS 6454 Fabric Interconnects

QSFP-40G-SR4

QSFP-40G-SR4-S

QSFP-40G-SR-BD

QSFP-40G-LR4

QSFP-40G-LR4-S

QSFP-40G-ER4

WSP-Q40GLR4L

QSFP-H40G-CU1M

QSFP-H40G-CU3M

QSFP-H40G-CU5M

QSFP-H40G-ACU7M

QSFP-H40G-ACU10M

QSFP-H40G-AOC1M

QSFP-H40G-AOC2M

QSFP-H40G-AOC3M

QSFP-H40G-AOC5M

QSFP-H40G-AOC10M

QSFP-H40G-AOC15M

40-Gb for UCS 6300 Series Fabric Interconnects

QSFP-40G-SR4 in 4x10G mode with external 4x10G splitter cable to SFP-10G-SR

QSFP-40G-CSR4

QSFP-40G-LR4

QSFP-40G-LR4-S

QSFP-40G-SR-BD

QSFP-40G-SR4

QSFP-40G-SR4-S

FET-40G

QSFP-4SFP10G-CU1M

QSFP-4SFP10G-CU3M

QSFP-4SFP10G-CU5M

QSFP-4X10G-AC7M

QSFP-4X10G-AC10M

QSFP-4X10G-AOC1M

QSFP-4X10G-AOC2M

QSFP-4X10G-AOC3M

QSFP-4X10G-AOC5M

QSFP-4X10G-AOC7M

QSFP-4X10G-AOC10M

QSFP-H40G-ACU7M

QSFP-H40G-ACU10M

QSFP-H40G-AOC1M

QSFP-H40G-AOC2M

QSFP-H40G-AOC3M

QSFP-H40G-AOC5M

QSFP-H40G-AOC7M

QSFP-H40G-AOC10M

QSFP-H40G-AOC15M

QSFP-H40G-CU1M

QSFP-H40G-CU3M

QSFP-H40G-CU5M

32-Gb FC for UCS 6454 Fabric Interconnects

DS-SFP-FC32G-SW

DS-SFP-FC32G-LW

25-Gb for UCS 6454 Fabric Interconnects

SFP-25G-SR-S

SFP-H25G-CU1M

SFP-H25G-CU2M

SFP-H25G-CU3M

SFP-H25G-CU5M

SFP-H25G-AOC1M

SFP-H25G-AOC2M

SFP-H25G-AOC3M

SFP-H25G-AOC5M

SFP-H25G-AOC7M

SFP-H25G-AOC10M

16-Gb for UCS 6454 and UCS 6332UP Fabric Interconnects

DS-SFP-FC16G-LW

DS-SFP-FC16G-SW

10-Gb for UCS 6454 Fabric Interconnects

SFP-10G-SR

SFP-10G-SR-S

SFP-10G-LR

SFP-10G-LR-S

SFP-10G-ER

SFP-10G-ER-S

SFP-10G-ZR

SFP-10G-ZR-S

FET-10G

Note 

FET-10G is only supported between Fabric Interconnects and IOMs/FEXs.

SFP-10G-LRM

SFP-H10GB-CU1M

SFP-H10GB-CU2M

SFP-H10GB-CU3M

SFP-H10GB-CU5M

SFP-H10GB-ACU7M

SFP-H10GB-ACU10M

SFP-10G-AOC1M

SFP-10G-AOC2M

SFP-10G-AOC3M

SFP-10G-AOC5M

SFP-10G-AOC7M

SFP-10G-AOC10M

10-Gb for UCS 6300 and 6200 Series Fabric Interconnects

SFP-10G-SR

SFP-10G-SR-S

SFP-10G-LR

SFP-10G-LR-S

SFP-H10GB-CU1M

SFP-H10GB-CU2M

SFP-H10GB-CU3M

SFP-H10GB-CU5M

SFP-H10GB-ACU7M

SFP-H10GB-ACU10M

FET-10G

1SFP-10G-AOC1M

SFP-10G-AOC2M

SFP-10G-AOC3M

SFP-10G-AOC5M

SFP-10G-AOC7M

SFP-10G-AOC10M

8-Gb FC for UCS 6454 and UCS 6332UP Fabric Interconnects

DS-SFP-FC8G-SW

DS-SFP-FC8G-LW

4-Gb FC for UCS 6300 and 6200 Series Fabric Interconnects

DS-SFP-FC4G-SW

DS-SFP-FC4G-LW

1-Gb for UCS 6454 Fabric Interconnects

GLC-TE

GLC-SX-MMD

SFP-GE-T

1-Gb for UCS 6300 and 6200 Series Fabric Interconnects

GLC-TE

GLC-SX-MM

GLC-LH-SM

1 SFP-10G-AOC cables are only supported for Cisco 1455 and 1457 VIC cards.

Note

The maximum length of fiber optic runs is limited to 300 meters. This is imposed by our use of 802.3X/802.1Qbb Priority Pauses. SFP-10G-LR is supported between fabric interconnect and FEX, but the 300 m limit still applies.


Cisco UCS Mini and Components

UCS Mini Supported Chassis

Table 19. Minimum Software Versions for UCS Mini Chassis

Chassis

Minimum Software Version

Recommended Software Version

UCSB-5108-AC2

3.0(1e)

4.0(4i)

UCSB-5108-DC2

3.0(2c)

4.0(4i)

UCS Mini Supported Blade and Rack Servers

Table 20. Minimum Host Firmware Versions for Blade and Rack Servers on UCS Mini

Servers

Minimum Software Version

Recommended Software Version

B200 M5

3.2(1d)

4.0(4i)

B200 M3

3.1(3a)

4.0(4i)

B200 M4

3.1(3a)

4.0(4i)

B260 M4

3.1(3a)

4.0(4i)

B420 M3

3.1(3a)

4.0(4i)

B420 M4

3.1(3a)

4.0(4i)

B460 M4

3.1(3a)

4.0(4i)

B480 M5

3.1(3a)

4.0(4i)

B22 M3

3.1(3a)

4.0(4i)

C220 M3

3.1(3a)

4.0(4i)

C240 M3

3.1(3a)

4.0(4i)

C220 M4

3.1(3a)

4.0(4i)

C240 M4

3.1(3a)

4.0(4i)

C460 M4

3.1(3a)

4.0(4i)

C220 M5

3.2(1d)

4.0(4i)

C240 M5

3.2(1d)

4.0(4i)

C480 M5

3.2(2b)

4.0(4i)

UCS Mini Supported Adapters

Adapters

Minimum Software Version

Recommended Software Version

UCSB-MLOM-40G-04 (UCS VIC 1440)

UCSB-VIC-M84-4P (UCS VIC 1480)

4.0(2a)

4.0(4i)

UCSC-PCIE-IQ10GC (Intel X710-T4)

UCSC-PCIE-QD25GF (QLogic QL41212H 25GbE)

UCSC-PCIE-QD40GF (QLogic QL45212H 40GbE)

3.2(2b)

4.0(4i)

UCSC-PCIE-C40Q-03 (UCS VIC 1385)

UCSC-MLOM-C40Q-03 (UCS VIC 1387)

3.1(3a)

4.0(4i)

UCS-VIC-M82-8P (UCS VIC 1280)

UCSB-MLOM-40G-01 (UCS VIC 1240)

UCSB-MLOM-PT-01 (Cisco Port Expander Card)

3.1(3a)

4.0(4i)

UCSB-MLOM-40G-03 (UCS VIC 1340)

UCSB-VIC-M83-8P (UCS VIC 1380)

UCSC-MLOM-CSC-02 (UCS VIC 1227)

3.1(3a)

4.0(4i)

UCSC-PCIE-CSC-02 (UCS VIC 1225)

3.1(3a)

4.0(4i)

UCS Mini Supported Fabric Interconnects

Fabric Interconnects

Minimum Software Version

Recommended Software Version

Cisco UCS 6324

3.1(3a)

4.0(4i)

UCS Mini Supported Fabric Extenders for Secondary Chassis

Fabric Extenders

Minimum Software Version

Recommended Software Version

UCS 2204 XP

3.1(3a)

4.0(4i)

UCS 2208 XP

3.1(3a)

4.0(4i)

UCS Mini Supported Power Supplies

Power Supplies

Minimum Software Version

Recommended Software Version

UCSB-PSU-2500ACDV

UCSB-PSU-2500DC48

UCSC-PSU-930WDC

UCSC-PSU2V2-930WDC

UCSC-PSUV2-1050DC

UCSC-PSU1-770W

UCSC-PSU2-1400

UCSC-PSU2V2-1400W

UCSC-PSU2V2-650W

UCSC-PSU2V2-1200W

3.1(3a)

4.0(4i)

UCS Mini Supported Gb Connector Modules

We recommend that you use the current software version for Gb port speed connections. Following is the list of Gb connector modules and supported cables:


Note

Transceiver modules and cables that are supported on a specific Fabric Interconnect are not always supported on all VIC adapters, IOMs, or FEXes that are compatible with that Fabric Interconnect. Detailed compatibility matrices for the transceiver modules are available here:https://www.cisco.com/c/en/us/support/interfaces-modules/transceiver-modules/products-device-support-tables-list.html


Gb Connector Modules

Transceivers Modules and Cables

40-Gb

QSFP-40G-SR4 in 4x10G mode with external 4x10G splitter cable to SFP-10G-SR

QSFP-4SFP10G-CU1M

QSFP-4SFP10G-CU3M

QSFP-4SFP10G-CU5M

QSFP-4X10G-AC7M

QSFP-4X10G-AC10M

QSFP-4X10G-AOC1M

QSFP-4X10G-AOC2M

QSFP-4X10G-AOC3M

QSFP-4X10G-AOC5M

QSFP-4X10G-AOC7M

QSFP-4X10G-AOC10M

10-Gb

SFP-10G-LR

SFP-10G-LR-S

SFP-10G-LR-X

SFP-10G-SR

SFP-10G-SR-S

SFP-10G-SR-X

SFP-H10GB-CU1M

SFP-H10GB-CU2M

SFP-H10GB-CU3M

SFP-H10GB-CU5M

SFP-H10GB-ACU7M

SFP-H10GB-ACU10M

SFP-10G-AOC1M

SFP-10G-AOC2M

SFP-10G-AOC3M

SFP-10G-AOC5M

SFP-10G-AOC7M

SFP-10G-AOC10M

8-Gb

DS-SFP-FC8G-SW

DS-SFP-FC8G-LW

4-Gb

DS-SFP-FC4G-SW

DS-SFP-FC4G-LW

1-Gb

GLC-TE

GLC-LH-SM

GLC-SX-MM

Upgrade and Downgrade Guidelines

  • In a system with Cisco UCS 6454 Fabric Interconnects, you cannot downgrade from Cisco UCS Manager Release 4.0.

    See the Cisco UCS Manager Firmware Management Guide, Release 4.0 section Firmware Upgrade to Cisco UCS Manager Release 4.0 for detailed upgrade paths.

  • Do not downgrade systems equipped with LITE-ON 1050W PSUs to a Cisco UCS Manager release earlier than Release 4.0(2). Board controller activation for UCS C240 M5 servers with LITE-ON 1050W PSU may fail during the discovery process when it is downgraded from Cisco UCS Manager Release 4.0(2).

  • In a system with Cisco UCS 6454 Fabric Interconnects, you cannot downgrade from Cisco UCS Manager Release 4.0(2) when Ethernet or FC switch mode is enabled on the Fabric Interconnect because this mode is not supported in versions earlier than 4.0(2).

    Also, if port-security is enabled in the network control policy, it is disabled during downgrade from Cisco UCS Manager Release 4.0(2) because it is not supported in versions earlier than 4.0(2).

  • When upgrading or downgrading systems using Intel Volume Management Device (VMD) for NVMe, the system will fail to boot if VMD is enabled or disabled in the BIOS after OS installation. Do not change the BIOS setting after OS installation.

  • When upgrading Fabric Interconnects or servers (B-Series and C-Series) from Cisco UCS Manager Release 4.0(4c) to 4.0(4d), the FSM skips validation, and firmware upgrades complete without reboot.

Capability Catalog

The Cisco UCS Manager Capability Catalog is a set of tunable parameters, strings, and rules. Cisco UCS uses the catalog to update the display and configurability of components such as newly qualified DIMMs and disk drives for servers.

The Capability Catalog is embedded in Cisco UCS Manager, but at times it is also released as a single image file to make updates easier.

The following table lists the PIDs added in this release and maps UCS software releases to the corresponding Capability Catalog file.

Table 21. Version Mapping

UCS Release

Catalog File Name

Additional PIDs In This Release

4.0(4i)

ucs-catalog.4.0.4h.T.bin

CPUs for UCS B200 M5, C220 M5, and C240 M5 servers:

  • UCS-CPU-I6238R

  • UCS-CPU-I6240R

  • UCS-CPU-I6242R

  • UCS-CPU-I6246R

  • UCS-CPU-I6248R

  • UCS-CPU-I6226R

  • UCS-CPU-I6258R

  • UCS-CPU-I5220R

CPUs for UCS B200 M5, C220 M5, C240 M5, and UCS S3260 M5 servers:

  • UCS-CPU-I6230R

  • UCS-CPU-I5218R

  • UCS-CPU-I4214R

  • UCS-CPU-I4215R

CPUs for UCS B200 M5, UCS B480 M5, C220 M5, C240 M5, and C480 M5 servers:

  • UCS-CPU-I8253

4.0(4h)

ucs-catalog.4.0.4h.T.bin

CPUs for UCS B200 M5, C220 M5, and C240 M5 servers:

  • UCS-CPU-I6238R

  • UCS-CPU-I6240R

  • UCS-CPU-I6242R

  • UCS-CPU-I6246R

  • UCS-CPU-I6248R

  • UCS-CPU-I6226R

  • UCS-CPU-I6258R

  • UCS-CPU-I5220R

CPUs for UCS B200 M5, C220 M5, C240 M5, and UCS S3260 M5 servers:

  • UCS-CPU-I6230R

  • UCS-CPU-I5218R

  • UCS-CPU-I4214R

  • UCS-CPU-I4215R

CPUs for UCS B200 M5, UCS B480 M5, C220 M5, C240 M5, and C480 M5 servers:

  • UCS-CPU-I8253

4.0(4g)

ucs-catalog.4.0.4g.T.bin

CPUs for UCS B200 M5, C220 M5, and C240 M5 servers:

  • UCS-CPU-I4214R

  • UCS-CPU-I4210R

  • UCS-CPU-I3206R

4.0(4f)

ucs-catalog.4.0.4f.T.bin

4.0(4e)

ucs-catalog.4.0.4e.T.bin

CPUs for UCS B200 M5, B480 M5, C220 M5, C240 M5, and C480 M5 servers:

  • UCS-CPU-I6238

  • UCS-CPU-I6238M

  • UCS-CPU-I6238L

  • UCS-CPU-I5220S

  • UCS-CPU-I6226

  • UCS-CPU-I6234

  • UCS-CPU-I6240L

  • UCS-CPU-I6240M

  • UCS-CPU-I6246

  • UCS-CPU-I5218B

CPUs for UCS C220 M5, C240 M5, B200 M5, B480 M5, C480 M5, and S3260-M5 servers:

  • UCS-CPU-I6222V

  • UCS-CPU-I6262V

CPUs for UCS C220 M5, C240 M5, and B200 M5 servers:

  • UCS-CPU-I5218N

CPUs for UCS C220 M5, C240 M5, B480 M5, and B200 M5 servers:

  • UCS-CPU-I6230N

CPUs for UCS C220 M5, C240 M5, C480 M5, and B200 M5 servers:

  • UCS-CPU-I6252N

Drives:

  • UCS-SD76TSB61X-EV

  • UCS-SD76T61X-EV

Fabric Extender:

  • UCS-IOM-2408

4.0(4d)

ucs-catalog.4.0.4d.T.bin

Drives:

  • UCS-SD480G2HNK9

  • UCS-SD480G2HBNK9

  • UCS-SD960G2HTNK9

  • UCS-SD960G2HBNK9

  • UCS-SD38T2HTNK9

  • UCS-SD38T2HBNK9

  • UCS-S3260-2SD38K9

4.0(4c)

ucs-catalog.4.0.4e.T.bin

  • UCSC-NVME2H-I1000

  • UCSB-NVME2H-I1000

  • UCSC-NVME2H-I2TBV

  • UCSB-NVME2H-I2TBV

  • UCSC-NVME2H-I4000

  • UCSB-NVME2H-I4000

  • UCSC-NVMEHW-I8000

  • UCSB-NVMEHW-I8000

  • UCSC-NVME2H-I1600

  • UCSB-NVME2H-I1600

4.0(4b)

ucs-catalog.4.0.4b.T.bin

4.0(4a)

ucs-catalog.4.0.4a.T.bin

CPUs for UCS B200 M5, C220 M5, C240 M5 servers:

  • UCS-CPU-I3204

  • UCS-CPU-I4208

  • UCS-CPU-I4210

  • UCS-CPU-I4214

  • UCS-CPU-I4215

  • UCS-CPU-I4216

  • UCS-CPU-I5215

  • UCS-CPU-I5217

  • UCS-CPU-I5218

  • UCS-CPU-I5220

  • UCS-CPU-I5222

  • UCS-CPU-I6230

  • UCS-CPU-I6240

  • UCS-CPU-I6242

  • UCS-CPU-I6244

  • UCS-CPU-I6248

  • UCS-CPU-I6254

  • UCS-CPU-I6252

  • UCS-CPU-I8260

  • UCS-CPU-I8268

  • UCS-CPU-I8270

  • UCS-CPU-I8276

  • UCS-CPU-I8280

  • UCS-CPU-I5215M

  • UCS-CPU-I8260M

  • UCS-CPU-I8276M

  • UCS-CPU-I8280M

  • UCS-CPU-I5215L

  • UCS-CPU-I8260L

  • UCS-CPU-I8276L

  • UCS-CPU-I8280L

  • UCS-CPU-I4214Y

  • UCS-CPU-I6240Y

  • UCS-CPU-I8260Y

CPUs for UCS B480 M5 and C480 M5:

  • UCS-CPU-I5215

  • UCS-CPU-I5217

  • UCS-CPU-I5218

  • UCS-CPU-I5220

  • UCS-CPU-I5222

  • UCS-CPU-I6230

  • UCS-CPU-I6240

  • UCS-CPU-I6242

  • UCS-CPU-I6244

  • UCS-CPU-I6248

  • UCS-CPU-I6254

  • UCS-CPU-I6252

  • UCS-CPU-I8260

  • UCS-CPU-I8268

  • UCS-CPU-I8270

  • UCS-CPU-I8276

  • UCS-CPU-I8280

  • UCS-CPU-I5215M

  • UCS-CPU-I8260M

  • UCS-CPU-I8276M

  • UCS-CPU-I8280M

  • UCS-CPU-I5215L

  • UCS-CPU-I8260L

  • UCS-CPU-I8276L

  • UCS-CPU-I8280L

  • UCS-CPU-I6240Y

  • UCS-CPU-I8260Y

CPUs for UCS S3260 M5:

  • UCS-CPU-I4214

  • UCS-CPU-I5218

  • UCS-CPU-I5220

  • UCS-CPU-I6240

Memory:

  • UCS-MR-X16G1RT-H

  • UCS-MR-X32G2RT-H

  • UCS-MR-X64G2RT-H

  • UCS-ML-X64G4RT-H

  • UCS-ML-128G4RT-H

Intel® Optane DC persistent memory:

  • UCS-MP-128GS-A0

  • UCS-MP-256GS-A0

  • UCS-MP-512GS-A0

Fabric Extender:

  • UCS-IOM-2304V2

GPUs:

  • UCSC-GPU-T4-16 on UCS C240 M5, C220 M5, C480 M5

  • UCSC-GPU-V340

Network Interface Cards:

  • UCSC-P-M4D25GF

  • UCSC-PCIE-QS100GF

Hardware RAID Controller:

  • UCS-M2-HWRAID

4.0(2e)

ucs-catalog.4.0.2e.T.bin

4.0(2d)

ucs-catalog.4.0.2d.T.bin

4.0(2b)

ucs-catalog.4.0.2a.T.bin

4.0(2a)

ucs-catalog.4.0.2a.T.bin

Cisco UCS Rack-Mount Servers:

  • UCSC-C480-M5ML

CPUs for UCSC-C480-M5ML:

  • UCS-CPU-8180

  • UCS-CPU-8176

  • UCS-CPU-8170

  • UCS-CPU-8164

  • UCS-CPU-8160

  • UCS-CPU-8153

  • UCS-CPU-6152

  • UCS-CPU-6148

  • UCS-CPU-6138

  • UCS-CPU-6140

  • UCS-CPU-6130

  • UCS-CPU-8168

  • UCS-CPU-8158

  • UCS-CPU-8156

  • UCS-CPU-6154

  • UCS-CPU-6150

  • UCS-CPU-6142

  • UCS-CPU-6132

  • UCS-CPU-6144

  • UCS-CPU-6136

  • UCS-CPU-6126

  • UCS-CPU-6146

  • UCS-CPU-6134

  • UCS-CPU-6128

  • UCS-CPU-5122

  • UCS-CPU-4116

  • UCS-CPU-6142M

  • UCS-CPU-8180M

Memory for UCSC-C480-M5ML:

  • UCS-MR-128G8RS-H

  • UCS-MR-X64G4RS-H

  • UCS-ML-X64G4RS-H

  • UCS-MR-X32G2RS-H

  • UCS-ML-X32G2RS-H

  • UCS-MR-X16G1RS-H

  • UCS-MR-X16G2RS-H

PSU for UCSC-C480-M5ML:

  • UCSC-PSU1-1600W

Fan module for UCSC-C480-M5ML:

  • UCSC-FAN-C480M5

Cisco VICs for UCSC-C480-M5ML:

  • VIC 1455 10/25G PCIe for C-Series and S-Series (UCSC-PCIE-C25Q-04)

  • VIC 1495 40/100G PCIe for C-Series (UCSC-PCIE-C100-04)

NIC for UCSC-C480-M5ML:

  • Qlogic QLE45611HLCU single port 100G NIC (UCSC-PCIE-QS100GF)

HDDs for UCSC-C480-M5ML:

  • UCS-HD900G15K12N

  • UCS-HD12TB10K12N

  • UCS-HD18TB10K4KN

  • UCS-HD2T7K12N

SSDs for UCSC-C480-M5ML:

  • UCS-SD16T123X-EP

  • UCS-SD32T123X-EP

  • UCS-SD120GM1X-EV

  • UCS-SD240GM1X-EV

  • UCS-SD480GM1X-EV

  • UCS-SD960GM1X-EV

  • UCS-SD16TM1X-EV

  • UCS-SD19TM1X-EV

  • UCS-SD38TM1X-EV

  • UCS-SD76TM1X-EV

Flash drive for UCSC-C480-M5ML:

  • UCS-USBFLSHB-16GB

GPU for UCSC-C480-M5ML:

  • NVIDIA SXM2 V100 32GB Nvlink Modules (UCSC-GPUV100SXM32)

NVMe drives for UCSC-C480-M5ML:

  • UCSC-NVMEHW-H3200

Mini Storage Carriers for UCSC-C480-M5ML:

  • UCS-MSTOR-SD

  • UCS-MSTOR-M2

SD Cards for UCSC-C480-M5ML:

  • UCS-SD-64G-S

  • UCS-SD-128G

Micro SD Card for UCSC-C480-M5ML:

  • UCS-MSD-32G

M.2 SATA SSD for UCSC-C480-M5ML:

  • UCS-M2-240GB

  • UCS-M2-960GB

RAID Controller for UCSC-C480-M5ML:

  • UCSC-RAID-M5HD

Cisco VIC Adapters:

  • VIC 1495 40/100G PCIe for C-Series (UCSC-PCIE-C100-04)

  • VIC 1497 40/100G mLOM for C-Series (UCSC-MLOM-C100-04)

TPM2 for all UCS servers:

  • UCSX-TPM2-002-C

High Voltage DC 1200 Watt Power Supply on UCS 6454 Fabric Interconnects:

  • N9K-PUV-1200W

Intel Optane NVMe Extreme Performance Drive for M5 servers:

  • UCSC-NVMEXP-I750

GPU for C240 M5 servers:

  • UCSC-GPU-V100-32G—NVIDIA V100 PCIe PG500-200 250W 32GB GPU

QLogic Network Adapter cards for UCSC-C125:

  • UCSC-PCIE-QD10GC—10G Network Adapter card

  • UCSC-PCIE-QD25GF—25G Network Adapter card

4.0(1d)

ucs-catalog.4.0.1c.T.bin

Drives:

  • UCS-SD480GBHBNK9

  • UCS-SD960GBHBNK9

  • UCS-SD38TBHBNK9

  • UCS-SD480GBHTNK9

  • UCS-SD960GBHTNK9

  • UCS-SD38TBHTNK9

4.0(1c)

ucs-catalog.4.0.1a.T.bin

4.0(1b)

ucs-catalog.4.0.1a.T.bin

4.0(1a)

ucs-catalog.4.0.1a.T.bin

Cisco UCS 6454 Fabric Interconnect:

  • UCS-FI-6454

Cisco UCS Rack-Mount Servers:

  • UCSC-C125

Chassis for C125 M5:

  • UCSC-C4200-SFF

CPUs for UCSC-C125:

  • UCS-CPU-7601

  • UCS-CPU-7551

  • UCS-CPU-7501

  • UCS-CPU-7451

  • UCS-CPU-7401

  • UCS-CPU-7351

  • UCS-CPU-7301

  • UCS-CPU-7281

  • UCS-CPU-7261

  • UCS-CPU-7251

  • UCS-CPU-7551P

  • UCS-CPU-7401P

  • UCS-CPU-7351P

Memory for UCSC-C125:

  • UCS-MR-128G8RS-H

  • UCS-MR-X64G4RS-H

  • UCS-ML-X64G4RS-H

  • UCS-MR-X32G2RS-H

  • UCS-MR-X16G1RS-H

  • UCS-MR-X16G2RS-H

  • UCS-MR-X8G1RS-H

OCP NICs for UCSC-C125:

  • UCSC-OCP-QD10GC

  • UCSC-OCP-QD25GF

Storage Controller for UCSC-C125:

  • UCSC-SAS9460-8i

SD Cards for UCSC-C125:

  • UCS-SD-32G-S

  • UCS-SD-64G-S

  • UCS-SD-128G

Micro SD Card for UCSC-C125:

  • UCS-MSD-32G

M.2 SATA SSD for UCSC-C125:

  • UCS-M2-240GB

  • UCS-M2-960GB

Flash USB Drive for UCSC-C125:

  • UCS-USBFLSHB-16GB

Mini Storage Carriers for UCSC-C125:

  • UCS-MSTOR-SD

  • UCS-MSTOR-M2

Cisco VIC Adapters:

  • VIC 1440 10/40G mLOM for B-Series (UCSB-MLOM-40G-04)

  • VIC 1480 10/40G PCIe for B-Series (UCSB-VIC-M84-4P)

  • VIC 1455 10/25G PCIe for C-Series and S-Series (UCSC-PCIE-C25Q-04)

  • VIC 1457 10/25G mLOM for C-Series (UCSC-MLOM-C25Q-04)

HX NVMe Server:

  • HXAF220C-M5SN

PCIe compression and cryptographic CPU offload card with C240HX M5 servers

  • HX-PCIE-OFFLOAD-1

Intel Optane NVMe Med. Performance Drives for M5 servers:

  • UCSC-NVMEXP-I375

  • UCSB-NVMEXP-I375

  • UCSC-NVMEXP-I750

  • UCSB-NVMEXP-I750

Security Fixes

The following security issues are resolved:

Release

Defect ID

CVE

Description

4.0(4i)

CSCvt86093

  • CVE-2020-0548

  • CVE-2020-0549

Cisco UCS M5 servers that are based on Intel® processors are affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID(s):

  • CVE-2020-0548: Clean-up errors in some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0549: Clean-up errors in some data cache evictions for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.

This release includes BIOS revisions for Cisco UCS M5 servers. These BIOS revisions include Microcode update for Cisco UCS M5 servers, which is a required part of the mitigation for these vulnerabilities.

4.0(4i)

CSCvq33385

CVE-2016-2183

The latest CiscoSSL 1.0.2r.6.2.341 now includes mitigations for the OpenSSL vulnerabilities in Cisco UCS Manager identified by the Common Vulnerability and Exposures (CVE) ID listed.

4.0(4h)

CSCvs81686

  • CVE-2020-0548

  • CVE-2020-0549

Cisco UCS M5 servers that are based on Intel® processors are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2020-0548 Cleanup errors in some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.

  • CVE-2020-0549 Cleanup errors in some data cache evictions for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.

This release includes BIOS revisions for Cisco UCS M5 servers. These BIOS revisions include the updated SINIT ACM for Cisco UCS M5 servers, which is a required part of the mitigation for these vulnerabilities.

4.0(4g)

CSCvr54409

CSCvr54415

  • CVE-2019-11135

  • CVE-2019-0151

  • CVE-2019-0152

  • CVE-2019-11136

  • CVE-2019-11137

  • CVE-2019-11139

  • CVE-2019-11109

Cisco UCS M5 servers that are based on Intel® processors are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2019-11135 (TSX Asynchronous Abort Advisory) condition affects certain 2nd Generation Intel® Xeon® Scalable Processors, 8th Generation Intel® CoreTM Processor Family, 9th Generation Intel® CoreTM Processor Family, and 10th Generation Intel® CoreTM Processor Family that utilize speculative execution, and may allow an authenticated user to potentially enable information disclosure through a side-channel with local access.

  • CVE-2019-0151 (CPU Local Privilege Escalation Advisory) affects certain Intel® 4th Generation Intel® CoreTM Processors, 5th Generation Intel® CoreTM Processors, 6th Generation Intel® Cores Processors, 7th Generation Intel® CoreTM Processors, 8th Generation Intel® CoreTM Processors, Intel® Xeon® Processors E3 v2/v3/v4/v5/v6 Family, Intel® Xeon® Processors E5 v3/v4 Family, Intel® Xeon® Processors E7 v3/v4 Family, Intel® Xeon® Scalable Processors 2nd Generation, Intel® Xeon® Scalable Processors, Intel® Xeon® Processors D-1500/D-2100), Intel® Xeon® Processors E-2100/E3100, and, Intel® Xeon® Processors W-2100/W-3100 when insufficient memory protection in Intel® TXT may allow a privileged user to potentially enable escalation of privilege through local access. This could result in bypassing Intel® TXT protections.

  • CVE-2019-0152 (CPU Local Privilege Escalation Advisory) affects certain Intel® Xeon® Scalable Processors, Intel® Xeon® Processor D-2100, D-3100, Intel® Xeon® Processor W-2100, W-3100 when insufficient memory protection may allow a privileged user to potentially enable an escalation of privilege through local access. This could result in bypassing System Management Mode (SMM) and Intel® TXT protections.

  • CVE-2019-11136 (BIOS 2019.2 IPU Advisory) affects 2nd Generation Intel® Xeon® Scalable Processors, Intel® Xeon® Scalable Processors, Intel® Xeon® Processor D Family when insufficient access control in the system firmware may allow a privileged user to potentially enable an escalation of privilege, denial of service, or information disclosure through local access.

  • CVE-2019-11137 (BIOS 2019.2 IPU Advisory) affects 2nd Generation Intel® Xeon® Scalable Processors, Intel® Xeon® Scalable Processors, Intel® Xeon® Processor D Family, Intel® Xeon® Processor E5 v4 Family, Intel® Xeon® Processor E7 v4 Family, Intel® Atom® Processor C Series when insufficient input validation in the system firmware may allow a privileged user to potentially enable an escalation of privilege, denial of service, or information disclosure through local access.

  • CVE-2019-11139 (Voltage Modulation Technical Advisory) vulnerability in voltage modulation of certain Intel® Xeon® Scalable Processors may allow a privileged user to potentially enable denial of service through local access.

  • CVE-2019-11109: Logic issue in subsystem in Intel® Server Platform Services before versions SPS_E5_04.01.04.297.0, SPS_SoC-X_04.00.04.101.0, and SPS_SoC-A_04.00.04.193.0 may allow a privileged user to potentially enable Denial of Service through local.

This release includes BIOS revisions for Cisco UCS M5 servers. These BIOS revisions include the updated microcode and Secure Initialization (SINIT) Authenticated Code Modules (ACM), which are required parts of the mitigation for these vulnerabilities.

4.0(4g)

CSCvr54413

CSCvr54414

CSCvr54416

  • CVE-2019-0151

  • CVE-2019-11137

Cisco UCS M4 servers that are based on Intel® processors are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2019-0151 (CPU Local Privilege Escalation Advisory) affects certain Intel® 4th Generation Intel® CoreTM Processors, 5th Generation Intel® CoreTM Processors, 6th Generation Intel® Cores Processors, 7th Generation Intel® CoreTM Processors, 8th Generation Intel® CoreTM Processors, Intel® Xeon® Processors E3 v2/v3/v4/v5/v6 Family, Intel® Xeon® Processors E5 v3/v4 Family, Intel® Xeon® Processors E7 v3/v4 Family, Intel® Xeon® Scalable Processors 2nd Generation, Intel® Xeon® Scalable Processors, Intel® Xeon® Processors D-1500/D-2100), Intel® Xeon® Processors E-2100/E3100, and, Intel® Xeon® Processors W-2100/W-3100 when insufficient memory protection in Intel® TXT may allow a privileged user to potentially enable escalation of privilege through local access. This could result in bypassing Intel® TXT protections.

  • CVE-2019-11137 (BIOS 2019.2 IPU Advisory) affects 2nd Generation Intel® Xeon® Scalable Processors, Intel® Xeon® Scalable Processors, Intel® Xeon® Processor D Family, Intel® Xeon® Processor E5 v4 Family, Intel® Xeon® Processor E7 v4 Family, Intel® Atom® Processor C Series when insufficient input validation in the system firmware may allow a privileged user to potentially enable an escalation of privilege, denial of service, or information disclosure through local access.

This release includes BIOS revisions for Cisco UCS M4 servers. These BIOS revisions include the updated microcode and SINIT ACM for Cisco UCS M4 servers, which are required parts of the mitigation for these vulnerabilities.

4.0(4g)

CSCvr54411

CVE-2019-0151

Cisco UCS B-Series and C-Series M3 servers that are based on Intel® processors are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID:

  • CVE-2019-0151 (CPU Local Privilege Escalation Advisory) affects certain Intel® 4th Generation Intel® CoreTM Processors, 5th Generation Intel® CoreTM Processors, 6th Generation Intel® Cores Processors, 7th Generation Intel® CoreTM Processors, 8th Generation Intel® CoreTM Processors, Intel® Xeon® Processors E3 v2/v3/v4/v5/v6 Family, Intel® Xeon® Processors E5 v3/v4 Family, Intel® Xeon® Processors E7 v3/v4 Family, Intel® Xeon® Scalable Processors 2nd Generation, Intel® Xeon® Scalable Processors, Intel® Xeon® Processors D-1500/D-2100), Intel® Xeon® Processors E-2100/E3100, and, Intel® Xeon® Processors W-2100/W-3100 when insufficient memory protection in Intel® TXT may allow a privileged user to potentially enable escalation of privilege through local access. This could result in bypassing Intel® TXT protections.

This release includes BIOS revisions for Cisco UCS B-Series and C-Series M3 servers. These BIOS revisions include the updated SINIT ACM for Cisco UCS M3 servers, which is a required part of the mitigation for these vulnerabilities.

4.0(4f)

CSCvq19565

CVE-2019-11479

CVE-2019-11478

This bug was filed to evaluate the product against the vulnerability affecting Linux kernel, identified by the following CVE IDs:

  • CVE-2019-11479: Excess Resource Consumption Due to Low MSS Values

  • CVE-2019-11478: SACK Slowness or Excess Resource Usage

TCP networking vulnerabilities have been identified affecting Linux kernel. The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed "SACK Panic" allows a remotely-triggered kernel panic on recent Linux kernels.

Cisco UCS servers with 6200 Series Fabric Interconnects have been determined to contain a vulnerable version of Linux Kernel. However the product is not affected by the following vulnerability:

CVE-2019-11477: SACK Kernel Panic

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Additional details about the vulnerabilities listed above can be found at http://cve.mitre.org/cve/cve.html

4.0(4f)

CSCvq21317

CVE-2019-11477

CVE-2019-11478

CVE-2019-11479

This bug was filed to evaluate the product against the vulnerability affecting Linux kernel, identified by the following CVE IDs:

  • CVE-2019-11477: SACK Panic

  • CVE-2019-11478: SACK Slowness or Excess Resource Usage

  • CVE-2019-11479: Excess Resource Consumption Due to Low MSS Values

TCP networking vulnerabilities have been identified affecting Linux kernel. The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed "SACK Panic" allows a remotely-triggered kernel panic on recent Linux kernels.

Cisco UCS servers with 6400 Series Fabric Interconnects have been determined to contain a vulnerable version of Linux Kernel.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Additional details about the vulnerabilities listed above can be found at http://cve.mitre.org/cve/cve.html

4.0(4f)

CSCvm80093

CVE-2019-1966

A vulnerability in the CLI implementation of a specific command for the Cisco UCS Fabric Interconnect could have allowed an authenticated, local attacker to escape the CLI and gain unauthorized access to the underlying operating system of the device.

An attacker could have exploited this vulnerability to escape the CLI and execute arbitrary commands on the underlying operating system with the privileges of the root user. The attacker would need valid device credentials.

Additional information on Cisco's security vulnerability policy can be found at the following URL:

Security Vulnerability Policy.

4.0(4f)

CSCvp56979

CVE-2019-9213

Cisco UCS servers with 6400 Series Fabric Interconnects have been determined to contain third-party software that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2019-9213: Linux Kernel expand_downwards Function NULL Pointer Dereference Vulnerability

Cisco has released software updates that address this vulnerability.

Additional details about the vulnerabilities listed above can be found at http://cve.mitre.org/cve/cve.html.

4.0(4e)

CSCvp62709

CSCvp69717

CVE-2019-11358

Cisco UCS Manager and UCS 6200 Series Fabric Interconnects included a version of the jQuery software package that is affected by the cross-site scripting vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2019-11358

Additional information on Cisco's security vulnerability policy can be found here:

Security Vulnerability Policy

4.0(4e)

CSCvn23535

CSCvn23538

CVE-2019-1963

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly.

The vulnerability is due to improper validation of Abstract Syntax Notation One (ASN.1) encoded variables in SNMP packets. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the SNMP daemon on the affected device. A successful exploit could allow the attacker to cause the SNMP application to restart multiple times, leading to a system-level restart and a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

Cisco FXOS and NX-OS Software Authenticated Simple Network Management Protocol Denial of Service Vulnerability

4.0(4c)

CSCvp27917

CVE-2018-12126

CVE-2018-12127

CVE-2018-12130

CVE-2019-11091

Cisco UCS B-Series M3 Blade Servers are based on Intel® Xeon®Sandy Bridge E5-2600 and Ivy Bridge E5 2600 v2 Product Family processors that are vulnerable to variants of exploits that use Microarchitectural Data Sampling (MDS) to gain access to data being processed in the CPU by other applications.

  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling) affects store buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling) affects load buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling) affects line fill buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory) affects uncacheable memory in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M3 generation servers. These BIOS revisions include the updated microcode that is a required part of the mitigation for these vulnerabilities.

Additional details about the vulnerabilities listed above can be found at http://cve.mitre.org/cve/cve.html

4.0(4c)

CSCvq66225

CVE-2019-9836

On the Cisco UCS C-Series servers that are based on AMD EPYC processors, using the user-selectable AMD secure encryption feature on a virtual machine running the Linux operating system, an encryption key could be compromised by manipulating the encryption technology’s behavior. This release includes the BIOS revision to mitigate this risk. For more information about this vulnerability, see https://www.amd.com/en/corporate/product-security.

4.0(4c)

CSCvp12424

CVE-2019-1559

Cisco UCS Manager includes a version of the OpenSSH Protocol that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID:

  • CVE-2019-1559

    If an application encounters a fatal protocol error and then calls SSL_shutdown() twice, it could behave like a padding oracle that could be used to decrypt data.

This issue is resolved through the OpenSSL software updates. For more information, go to https://tools.cisco.com/security/center/viewAlert.x?alertId=59697.

4.0(4b)

4.0(2e)

CSCvo21412

CSCvp30013

CVE-2018-12126

CVE-2018-12127

CVE-2018-12130

CVE-2019-11091

Cisco UCS M4 servers and Hyperflex M4 servers are based on Intel® Xeon® Processor E7 v2, v3, and v4 Product Family processors that are vulnerable to variants of exploits that use Microarchitectural Data Sampling (MDS) to gain access to data being processed in the CPU by other applications.

  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling) affects store buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling) affects load buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling) affects line fill buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory) affects uncacheable memory in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M4 generation servers. These BIOS revisions include the updated microcode that is a required part of the mitigation for these vulnerabilities.

4.0(4b)

4.0(2e)

CSCvp28016

CVE-2018-12126

CVE-2018-12127

CVE-2018-12130

CVE-2019-11091

Cisco UCS M4 servers and Hyperflex M4 servers are based on Intel® Xeon® Processor E5 v3 and v4 Product Family processors that are vulnerable to variants of exploits that use Microarchitectural Data Sampling (MDS) to gain access to data being processed in the CPU by other applications.

  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling) affects store buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling) affects load buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling) affects line fill buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory) affects uncacheable memory in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M4 generation servers. These BIOS revisions include the updated microcode that is a required part of the mitigation for these vulnerabilities.

4.0(4b)

4.0(2e)

CSCvp31847

CVE-2018-12126

CVE-2018-12127

CVE-2018-12130

CVE-2019-11091

Cisco UCS M5 servers and Hyperflex M5 servers are based on Intel® Xeon® Scalable processors that are vulnerable to variants of exploits that use Microarchitectural Data Sampling (MDS) to gain access to data being processed in the CPU by other applications.

  • CVE-2018-12126 (Microarchitectural Store Buffer Data Sampling) affects store buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12127 (Microarchitectural Load Port Data Sampling) affects load buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2018-12130 (Microarchitectural Fill Buffer Data Sampling) affects line fill buffers in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

  • CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory) affects uncacheable memory in the CPU, and is addressed by applying the updated microcode included in the UCS Manager release as well as the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M5 generation servers. These BIOS revisions include the updated microcode that is a required part of the mitigation for these vulnerabilities.

4.0(2a)

CSCvm35067

CVE-2018-3655

Cisco UCS C-Series servers include a version of the Intel® Converged Security Management Engine (CSME) that maybe affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID:

  • CVE-2018-3655

An attacker with physical access could use these vulnerabilities to do the following:

  • Bypass Intel® CSME anti-replay protection, thus allowing potential brute force attacks on secrets stored inside the Intel CSME

  • Gain unauthorized access to the Intel® MEBX password

  • Tamper with the integrity of the Intel® CSME file system directories or the Server Platform Services and Trusted Execution Environment (Intel® TXE) data files

This release includes BIOS revisions for Cisco UCS M5 generation C-Series servers.

4.0(1d)

CSCvm19864

CVE-2016-3115

Cisco UCS Manager and UCS 6200 Series Fabric Interconnects include a version of the OpenSSH Protocol that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2016-3115

Cisco has released software updates that address this vulnerability.

4.0(1c)

CSCvk20775

CVE-2018-3655

Cisco UCS B-Series servers include a version of the Intel® Converged Security Management Engine (CSME) that maybe affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID:

  • CVE-2018-3655

An attacker with physical access could use these vulnerabilities to do the following:

  • Bypass Intel® CSME anti-replay protection, thus allowing potential brute force attacks on secrets stored inside the Intel CSME

  • Gain unauthorized access to the Intel® MEBX password

  • Tamper with the integrity of the Intel® CSME file system directories or the Server Platform Services and Trusted Execution Environment (Intel® TXE) data files

This release includes BIOS revisions for Cisco UCS M5 generation B-Series servers.

4.0(1a)

CSCvm03356

CVE-2018-3615

CVE-2018-3620

CVE-2018-3646

Cisco UCS B-Series M3 servers and C-Series M3 servers are based on Intel® processors that are vulnerable to exploits that use CPU speculative processing and data cache timing to potentially identify privileged information. These exploits are collectively known as L1 Terminal Fault (L1TF).

  • CVE-2018-3615 (affecting SGX), also known as Foreshadow, is not known to affect any existing Cisco UCS servers because Cisco UCS M5 and earlier generation servers, and HyperFlex M5 and earlier generation servers do not use Intel® SGX technology.

  • CVE-2018-3620 (affecting OS/System Management Mode) and CVE-2018-3646 (affecting Virtual Machine Monitors) are referred to as L1 Terminal Fault attacks by Intel®. These vulnerabilities are mitigated by applying the updated processor microcode from Intel® included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M3 generation servers. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3620 (OS/SMM) and CVE-2018-3646 (VMM). Operating System and Hypervisor patches from the appropriate vendors may also be required to mitigate these vulnerabilities.

For more information, please see the Cisco Security Advisory available here:

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

4.0(1a)

CSCvm03351

CVE-2018-3615

CVE-2018-3620

CVE-2018-3646

Cisco UCS B-Series M4 servers, C-Series M4 servers, S3260 M4 storage servers, and HyperFlex M4 servers are vulnerable to exploits that use CPU speculative processing and data cache timing to potentially identify privileged information. These exploits are collectively known as L1 Terminal Fault (L1TF).

  • CVE-2018-3615 (affecting SGX), also known as Foreshadow, is not known to affect any existing Cisco UCS servers because Cisco UCS M5 and earlier generation servers, and HyperFlex M5 and earlier generation servers do not use Intel® SGX technology.

  • CVE-2018-3620 (affecting OS/System Management Mode) and CVE-2018-3646 (affecting Virtual Machine Monitors) are referred to as L1 Terminal Fault attacks by Intel®. These vulnerabilities are mitigated by applying the updated processor microcode from Intel® included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M4 generation servers. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3620 (OS/SMM) and CVE-2018-3646 (VMM). Operating System and Hypervisor patches from the appropriate vendors may also be required to mitigate these vulnerabilities.

For more information, please see the Cisco Security Advisory available here:

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

4.0(1a)

CSCvm03339

CVE-2018-3615

CVE-2018-3620

CVE-2018-3646

Cisco UCS B-Series M5 servers, C-Series M5 servers, and HyperFlex M5 servers are based on Intel® processors that are vulnerable to exploits that use CPU speculative processing and data cache timing to potentially identify privileged information. These exploits are collectively known as L1 Terminal Fault (L1TF).

  • CVE-2018-3615 (affecting SGX), also known as Foreshadow, is not known to affect any existing Cisco UCS servers because Cisco UCS M5 and earlier generation servers, and HyperFlex M5 and earlier generation servers do not use Intel® SGX technology.

  • CVE-2018-3620 (affecting OS/System Management Mode) and CVE-2018-3646 (affecting Virtual Machine Monitors) are referred to as L1 Terminal Fault attacks by Intel®. These vulnerabilities are mitigated by applying the updated processor microcode from Intel® included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions for Cisco UCS M5 generation servers. These BIOS revisions include the updated processor microcode that is a required part of the mitigation for CVE-2018-3620 (OS/SMM) and CVE-2018-3646 (VMM). Operating System and Hypervisor patches from the appropriate vendors may also be required to mitigate these vulnerabilities.

For more information, please see the Cisco Security Advisory available here:

CPU Side-Channel Information Disclosure Vulnerabilities: August 2018

4.0(1a)

CSCvg58650

  • CVE-2017-5718

Cisco UCS 6200 Series and 6300 Series Fabric Interconnects include a version of Intel system firmware for Intel Core Processors that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) ID:

  • CVE-2017-5718 is addressed by applying the updated processor microcode from Intel included in the server firmware bundle, and the relevant Operating System and Hypervisor patches from the appropriate vendors.

This release includes BIOS revisions to address the vulnerabilty.

4.0(1a)

CSCvh25150

CVE-2017-3883

A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

The vulnerability occurs because AAA processes prevent the NX-OS System Manager from receiving keepalive messages when an affected device receives a high rate of login attempts, such as in a brute-force login attack. System memory can run low on the FXOS devices under the same conditions, which could cause the AAA process to unexpectedly restart or cause the device to reload.

An attacker could exploit this vulnerability by performing a brute-force login attack against a device that is configured with AAA security services. A successful exploit could allow the attacker to cause the affected device to reload.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

For more information, see the Cisco Security Advisory available here:

Cisco FXOS and NX-OS System Software Authentication, Authorization, and Accounting Denial of Service Vulnerability

4.0(1a)

CSCva61699

Common Weakness Enumeration (CWE) IDs:

  • 525

  • 933

  • 16

  • 311

  • 200

The following security vulnerabilities were identified for HTTP response and affected Cisco UCS Manager:

  • Incomplete or no cache-control and Pragma HTTP header set

  • Web browser XSS protection not enabled

  • X-Content-Type-Options header missing

  • Secure pages include mixed content

  • Private IP disclosure

Of these security vulnerabilities, Cisco has addressed the following in this release:

  • Web browser XSS protection not enabled

  • X-Content-Type-Options header missing

The Incomplete or no cache-control and Pragma HTTP header set vulnerability vulnerability will not be fixed because of the following:

  • Disabling of caching results in a sluggish GUI experience

  • KVM launch is impacted if we disable caching

4.0(1a)

CSCvi95784

  • CVE-2017-15715

  • CVE-2018-1303

  • CVE-2018-1301

  • CVE-2018-1302

  • CVE-2018-1283

  • CVE-2018-1312

  • CVE-2017-15710

The Apache version used with previous Cisco UCS Manager releases was affected by the Common Vulnerability and Exposures (CVE) IDs listed. Most of these CVE IDs are low risk, or not applicable to Cisco UCS Manager.

Default Open Ports

The following table lists the default open ports used in Cisco UCS Manager Release 4.0.

Port

Interface

Protocol

Traffic Type

Fabric Interconnect

Usage

22

CLI

SSH

TCP

UCS 6200 Series

UCS 6300 Series

UCS 6400 Series

Cisco UCS Manager CLI access

80

XML

HTTP

TCP

UCS 6200 Series

UCS 6300 Series

UCS 6400 Series

Cisco UCS Manager GUI and third party management stations.

Client download

443

XML

HTTP

TCP

UCS 6200 Series

UCS 6300 Series

UCS 6400 Series

Cisco UCS Manager login page access

Cisco UCS Manager XML API access

743

KVM

HTTP

TCP

UCS 6200 Series

UCS 6300 Series

UCS 6400 Series

CIMC Web Service / Direct KVM

843

xmlPolicy

Adobe Flash

TCP

UCS 6200 Series

UCS 6300 Series

Adobe Flash port used by KVM launcher

5661

HTTPD

TCP

UCS 6400 Series

Internal communication

Disabled in Cisco UCS Manager Release 4.0(4f)

7162

HTTPD

TCP

UCS 6400 Series

Internal communication

Disabled in Cisco UCS Manager Release 4.0(4g)

7546

CFS

CFSD

TCP

UCS 6400 Series

Cisco Fabric Service

Cisco UCS Manager Network Management Guide, Release 4.0 provides a complete list of open TCP and UDP ports.

Libfabric and Open MPI

Cisco usNIC support in the Libfabric and Open MPI open source packages is readily available from their community web sites (http://libfabric.org/ and http://www.open-mpi.org/, respectively).

Cisco UCS Manager Release 3.1(3) and later releases no longer include Open MPI binary packages. Future UCS software driver bundles distributed through the usual Cisco software channels may not include binaries for the libfabric packages. Cisco engineers continue to be active, core contributors in both the Libfabric and Open MPI communities, and will actively develop and support users through the usual community or commercial ISV support mechanisms (e.g., IBM Spectrum MPI).

Resolved Caveats

The resolved bugs for a release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains up-to-date information about bugs and vulnerabilities in this product and other Cisco hardware and software products.


Note

You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, you can register for an account.


For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQ.

Resolved Caveats in Release 4.0(4i)

The following caveats are resolved in Release 4.0(4i):

Defect ID

Symptom

First Bundle Affected

Resolved in Release

CSCvt55829

SanDisk Lightning II Solid State Drives (SSDs) LT0400MO and LT1600MO with respect to PIDS listed below, report 0 GB of available storage space remaining under normal operation at 40,000 power on hours. SSDs go offline and become unusable after power cycle event resulting in data loss, potentially on multiple drives if they are placed in service at the same time.

The PIDs of affected SSDs are:

  • (400GB) UCS-SD400G1KHY-EP, UCS-SD400G12S4-EP, UCS-C3X60-12G240

  • (1.6TB) UCS-SD16TG1KHY-EP, UCS-SD16TB12S4-EP, UCS-C3X60-12G2160

This issue is resolved.

3.2(1d)C

4.0(4i)C

CSCvt37895

Cisco C-series integrated server that is connected to Fabric Interconnect through Fabric extender, encounters fabric ports link flaps during cluster failover or shallow discovery.

This issue is resolved.

4.0(4e)A

4.0(4i)A

CSCvq80554

On Cisco Model M4 servers, the BMC failed to send notification of HCL file change.

This issue is resolved.

4.0(1c)A

4.0(4i)A

CSCvs61735

UCS Manager didn't provide correct overall status for the IOM on a Cisco 6400 Series Fabric Interconnect.

This issue is resolved.

4.0(1a)A

4.0(4i)A

CSCvm59040

Loss of network connectivity due to running out of memory after an uptime of over 180 days was sometimes encountered on hosts on Cisco standalone C-Series servers equipped with a VIC 1225 adapter.

This issue is resolved.

4.0(1a)B and C

4.0(4i)B and C

CSCvt27869

A 6200 series Fabric Interconnect encountered an OOB memory access causing the Fabric Interconnect to reboot.

This issue is resolved.

4.0(1a)A

4.0(4i)A

CSCvt08435

On the 6300 Series Fabric Interconnect, while monitoring SNMP on IOM 2304, HIF ports counts intermittently dropped to zero, causing high traffic indications on the third party monitoring applications.

4.0(4b)A

4.0(4i)A

CSCvu07675

Auto-install of firmware on a UCS-managed integrated C-Series rack server failed to activate the SAS Controller.

4.0(4b)C

4.0(4i)C

CSCvt65210

On a 1400 Series Fabric Interconnect, vif_vifid_reserve failed during the uplink port flap.

4.0(4h)A

4.0(4i)A

CSCvs46320

UCS servers connected to 6400 Fabric Interconnects may lose synchronization with the time and/or timezone set in UCS Manager.

4.0(1a)A

4.0(4i)A

CSCvu14656

On upgrade of BIOS to one of the following versions, the booting of M5 servers get stuck at the memory testing step:

  • C220M5.4.1.1c.0.0404202345

  • C240M5.4.1.1c.0.0405200025

  • B200M5.4.1.1c.0.0404202345

4.0(4h)C

4.0(4i)C

CSCvu16418

On Cisco UCS 6400 Series Fabric Interconnect running with Cisco UCS Manager 4.0(4g) firmware, UCS fibre channel (FC) ports can stay online when upstream MDS experiences a Kernel panic. Depending on configuration, this situation can cause UCS FC uplinks to stay online even though MDS is inoperable. Thereby, causing pinned vHBAs to stay up which leads to the OS being unaware that FC interfaces are not functioning properly.

This issue is resolved.

4.0(4g)A

4.0(4i)A

CSCvt29474

On Cisco UCS 6332-16UP Fabric Interconnect (FI) in switched mode direct attached to a Fibre Channel (FC) storage unit, a large number of link reset (LR) or link reset response (LRR) in FC interface can make any FI link to become unusable.

This issue is resolved.

4.0(2a)A

4.0(4i)A

CSCvt44506

Cisco UCS Manager receives multiple delta events for Graphics Processing Units (GPU) card.

This issue is resolved.

4.0(4h)C

4.0(4i)C

CSCvs35747

In rare situations, during loss of FC Uplink connectivity and credit on 6300 series Fabric Interconnect, the key information such as port/link/speed FSM information needed for troubleshooting in the FC port may be lost.

The logging of FC port issues is enhanced to display the port/link/speed FSM information in the fc-mac output.

4.0(1b)A

4.0(4i)A

CSCvt38091

After upgrading to Cisco UCS Manager release 4.0(4e), a B200-M5 blade server displayed messages similar to the following:

Model UCS-FI-6332-16UP with Host Name (host name) reported following Diagnostics test failure:

'Recovered : Server 1/6 (service profile: (profile name) inaccessible'

This issue is resolved.

4.0(4e)B

4.0(4i)B

CSCvs97236

When an C460 M4 C-Series Rack Server detects an uncorrectable ECC error during Patrol Scrub, it logs a truncated system address (4KB page boundary) to the Machine Check Banks. When the iMC Demand Scrubber detects an Uncorrectable ECC error, it logs the full 'cache line' (non-truncated) address to the Machine Check Banks.

This truncated memory address is used to forward translate the address to a physical DIMM. Depending on system population and configuration, it is possible that the SEL message logging the Uncorrectable ECC error will not point to the correct DIMM.

This issue is resolved.

Uncorrectable ECC errors detected during Demand scrub are correctly translated to physical DIMM.

4.0(4h)C

4.0(4i)C

CSCvs73313

On a prolonged usage of Cisco UCS M5 servers, the bladeAG process could crash and customer may observe a shallow discovery triggered on the servers.This condition is seen due to the internal memory leakage.

This issue is resolved.

4.0(4a)A

4.0(4i)A

CSCvt64871

In rare situations, Cisco UCS C480 M5 servers and Cisco UCS 480 M5 ML servers stop responding and reboot after ADDDC virtual lockstep is activated. This results in #IERR and M2M timeout in the memory system.

For more information, see:

4.0(4c)B

4.0(4i)B

CSCvu11155

On upgrade of BIOS to one of the following versions, you might experience performance degradation on Cisco UCS B-Series, C-series, and S- series M5 servers running with second Generation Intel® Xeon® Scalable Processors:

  • C240M5.4.0.4r.0.0305200743

  • C220M5.4.0.4p.0.0224200755

  • B200M5.4.0.4l.0.0305202307

  • B480M5.4.0.4m.0.0305202307

  • S3X60M5.4.0.4o.0.0224200755

4.0(4h)B and C

4.0(4i)B and C

CSCvq53066

During auto-upgrade of firmware from Cisco UCS Manager 4.0(2d) to Cisco UCS Manager 4.0(4b), the SAS controller firmware is not activated on an integrated rack server.

4.0(4b)

4.0(4i)

Resolved Caveats in Release 4.0(4h)

The following caveats are resolved in Release 4.0(4h):

Defect ID

Symptom

First Bundle Affected

Resolved in Release

CSCvr83759

After upgrading from UCS Manager 3.2(3c) to 4.0(4c), blade server access to UCS Manager Fabric Interconnects fails when using openSSH or SecureCRT with "password" authentication.

This issue is resolved.

4.0(1a)A

4.0(4h)A

CSCvr98210

When upgrading from Cisco UCS Manager Release 3.2 to Release 4.0 on a system with appliance ports or FCoE storage ports, LLDP becomes disabled by default. FCoE or any connectivity that requires LLDP may stop working.

This issue is resolved.

4.0(4b)

A

4.0(4h)A

CSCvr91399

The following BIOS tokens were reset to Platform Default when they were pushed from Cisco UCS Central to UCS Manager.

SelectMemoryRASConfiguration

LocalX2Apic

BMEDMAMitigation

This issue is resolved.

4.0(1a)A

4.0(4h)A

CSCvq76790

After firmware upgrade of Cisco IMC or Fabric Interconnect, the connectivity between Cisco IMC and Fabric Interconnect is lost due to a Physical Layer 1 issue or misconfiguration of port mode on the Fibre Channel port.

This issue is resolved.

4.0(2b)A

4.0(4h)A

CSCvr74792

Cisco UCS 6454 Fabric Interconnect running with Cisco UCS Manager Release 4.0(2d), is rebooted due to kernel panic and watchdog timer timeout caused by a PSU FAN data access causing a kernel spin lock.

This issue is resolved.

4.0(1a)A

4.0(4h)A

CSCvr95365

After firmware upgrade from Cisco UCS Manager Release 4.0(1a) to Release 4.0(4b), discovery of a Cisco UCS C240 M5 server that is equipped with a Cisco 12G Modular SAS HBA controller failed with the error:

mc_attrib_set_suboem_id failed to set the SubOEM ID

This issue is resolved.

4.0(4a)C

4.0(4h)A

CSCvp71363

In a system where a UCS C240 M5 server with a VIC 1457 adapter is managed by Cisco UCS Manager through a direct connect integration with UCS Fabric Interconnects, the following fault is displayed on unused or unconnected ports:

Adapter uplink interface x/y/z link state: unavailable. Please verify connectivity to Fabric Interconnect. Acknowledging FEX might be required.

This issue is resolved.

4.0(2d)A

4.0(4h)A

CSCvr15733

Under load, Cisco vNIC 1400 Series running with UCSC-MLOM-C25Q-04 version 4.0(4b) is stalled permanently due to known issues with the rate limit shutoff.

This issue is resolved.

4.0(1a)B

4.0(4h)A

CSCvs35789

When there is a failover in UCS 6454 Fabric Interconnect, the HIF ports are down, causing the traffic to disrupt for some time. Hence, fabric interconnect reboot takes more time to regain connectivity.

The average delay has been reduced.

4.0(4c)A

4.0(4h)A

CSCvs63073

While running QoS script, Cisco UCS 6400 Series Fabric Interconnects crashed due to system watchdog timeout which is occurred on spinlock situation.

The spinlock condition that led to system watchdog timeout is resolved.

4.0(1a)A

4.0(4h)A

CSCvr46327

When replacing a UCS 2208 IOM with a UCS 2408 IOM, virtual ethernet interfaces became unavailable. Virtual Ethernet interfaces are not available in the output of the show interface virtual status command, but are available in the output of the show interface brief command in NXOS.

This issue is resolved.

4.0(4d)A

4.0(4h)A

CSCvs51200

On Cisco UCS C-Series M5 servers, UEFU boot LUNs become non-functional under the following conditions:

  • When the OS is ESXi release 6.0 update 3 or 6.5 update 1

  • When IQN is defined at the profile level

  • When at least one iSCSI vNIC is configured in boot with more than one target

This issue is resolved.

4.0(4f)A

4.0(4h)A

CSCvr79388

In rare situations, Cisco UCS Intel® processor based M5 servers stop responding and reboot after ADDDC virtual lockstep is activated. This results in #IERR and M2M timeout in the memory system.

For more information, see:

Note 

This issue still persist in Cisco UCS C480 M5 and Cisco UCS 480 M5 ML servers. For more information, see CSCvt64871 in the Open Caveats section.

4.0(4c)B

4.0(4h)B

CSCvr79396

On Cisco UCS M5 servers, the Virtual lock step (VLS) sparing copy finishes early, leading to incorrect values in the lock step region .

This issue is resolved.

4.0(4e)B

4.0(4h)B

CSCvs25524

On Cisco UCS 6300 Series Fabric Interconnect, as the VDC debug logs keep filling up the temp directory, the following message has appeared in the console logs:

FI6332-DC3-A %SYSMGR-2-TMP_DIR_FULL: System temporary directory usage is unexpectedly high at 80%.

This issue is resolved.

4.0(4b)A

4.0(4h)A

CSCvs88880

When standalone Cisco IMC or Cisco UCS Manager managed C-series server is rebooted while the Cisco VIC 1455/1457/1495/1497 adapter is still powered On:

  • Cisco IMC may not be able to manage the VIC adapters and display/modify the adapter configuration.

  • Cisco UCS Manager may lost connectivity with Cisco IMC when the Cisco VIC 1455/1457/1495/1497 adapter is used to provide connectivity between Cisco IMC and Cisco UCSM.

4.0(1a)

4.0(4h)A

CSCvr70687

New Cisco UCS C240 M5 server discovery fails or does not respond with the following error message:

CimcVMedia Error: Error retrieving vmedia attributes 
list-MC Error(-6)

The same issue may occur for any Cisco UCS C240 M5 server after an FI reboot or upgrade.

This issue is resolved.

4.0(4d)A

4.0(4h)A

Resolved Caveats in Release 4.0(4g)

The following caveats are resolved in Release 4.0(4g):

Defect ID

Symptom

First Bundle Affected

Resolved in Release

CSCvr43466

Cisco UCS Manager integrated Cisco UCS B-Series and C-Series M5 servers reported the following hardware inventory mismatch fault even though the hardware had not changed: hardware inventory mismatch

This issue is resolved.

4.0(4b)B

4.0(4g)B

CSCvr67027

When upgrading Red Hat Linux on a Cisco UCS Manager integrated S3260 M4 rack server with UCS-C3K-M4RAID RAID controller running driver 07.702.06.00-rh2, the boot drive becomes inoperable.

This issue is resolved.

3.2(3k)C

4.0(4g)C

CSCvo49554

When a blade server is connected to ports 27-32 on a UCS 6332 Fabric Interconnect, or ports 35-40 on a UCS 6332-16UP Fabric Interconnect, numerous pings are lost during Fabric Interconnect reboot.

This issue is resolved.

4.0(1a)A

4.0(4g)A

CSCvj70519

Port 7162, available only if only if registered with UCS Central, was open on 6400 Series Fabric Interconnects. This port is now closed.

4.0(1a)A

4.0(4g)A

CSCvs25058

UCS 6454 Fabric Interconnect could not switch traffic between a pair of servers that were discovered after the 31st locally connected UCS rack servers when the respective vNIC of the server used an identical vntag. This resulted in servers discovered later not being able to communicate with each other if the vNICs that were communicating had same vntag. Only traffic that was switched in-fabric, such as between vNICs pinned on the Fabric Interconnect, was affected.

This issue is resolved.

4.0(4f)A

4.0(4g)A

CSCvr06387

The SNMP process on the UCS 6324 Fabric Interconnect crashed repeatedly.

This issue is resolved.

4.0(1a)A

4.0(4g)A

CSCvq37888

On UCS M4 blade servers, connectivity between Cisco UCS Manager and the Cisco IMC was lost when the Cisco IMC ran out of memory. Connectivity could not be restored until the blade server was re-seated.

This issue is resolved.

4.0(1a)B and C

4.0(4g)B and C

CSCvr78701

Cisco UCS Manager integrated C220 M5 rack servers experienced a Cisco IMC kernel panic during Cisco UCS Manager activation.

This issue is resolved.

4.0(4c)C

4.0(4g)C

Resolved Caveats in Release 4.0(4f)

The following caveats are resolved in Release 4.0(4f):

Defect ID

Symptom

First Bundle Affected

Resolved in Release

CSCvr01259

With a UCS 6400 Series Fabric Interconnect connected to a UCS 2408, the HIF port interface counters were not updated on the Fabric Interconnect, even though the virtual ethernet scounters showed the correct packet count.

This issue is resolved.

4.0(4e)A

4.0(4f)A

CSCvq92352

In the very rare circumstance when a message with a corrupted length field from an attached FEX was received by the Fabric Interconnect fwm process, a Fabric Interconnect reboot was triggered.

This issue is resolved.

2.2(8f)A

4.0(4f)A

CSCvq57262

During an A-bundle upgrade of a UCS 6454 Fabric Interconnect with RDMA enabled, one of the rack servers showed a pending reboot acknowledgement.

This issue is resolved.

4.0(4b)A

4.0(4f)A

CSCvp52336

A UCS 6454 Fabric Interconnect was unable to receive the DHCP IP address during initial setup.

This issue is resolved.

4.0(2d)A

4.0(4f)A

CSCvq51008

UCS B460 M4 blade servers on a single adapter could not find an adapter to place the vCon. This prevented association and displayed the error message configuration failed due to insufficient-resources,connection-placement.

This issue is resolved.

4.0(4b)A and B

4.0(4f)A and B

CSCvr35735

UCS 6454 Fabric Interconnects were not able to switch traffic between a pair of UCS rack servers when vNICs were pinned to the Fabric Interconnect.

This issue is now resolved.

4.0(4b)A

4.0(4f)A

CSCvq98090

SAN paths on UCS 6454 Fabric Interconnects went offline when the Fabric Interconnect was power-cycled.

This issue is now resolved.

4.0(4b)A

4.0(4f)A

CSCvr47266

During migration from a UCS 6248 Fabric Interconnect to a UCS 6454 Fabric Interconnect,UCS 2208 IOMs silently failed.

This issue is now resolved.

4.0(4b)A

4.0(4f)A

CSCvr34407

UCS 6300 Series Fabric Interconnects on UCS M4 and M5 rack servers lost their VLAN configuration after an enable/disable operation from Cisco UCS Manager.