First Published: October 22, 2024

Last Updated: August 29, 2025

Cisco UCS C-Series Servers

Cisco UCS C-Series Servers deliver unified computing in an industry-standard form factor to reduce total cost of ownership and increase agility. Each product addresses varying workload challenges through a balance of processing, memory, I/O, and internal storage resources.

About the Release Notes

This document describes the new features, system requirements, open caveats and known behaviors for C-Series software release 4.3(5) including Cisco Integrated Management Controller (Cisco IMC) software and any related BIOS, firmware, or drivers. Use this document in conjunction with the documents listed in the Related Documentation section.


Note

We sometimes update the documentation after original publication. Therefore, you should also refer to the documentation on Cisco.com for any updates.

Revision History

Revision

Date

Description

F0

August 29, 2025

Created release notes for 4.3(5.250045) for the following servers:

  • Cisco UCS C225 M8 servers

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.3

E0

July 4, 2025

Created release notes for 4.3(5.250043) for the following servers:

  • Cisco UCS C225 M8 and C245 M8 servers

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.3

D0

May 20, 2025

Created release notes for 4.3(5.250033) for the following servers:

  • Cisco UCS C225 M8 and C245 M8 servers

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 and S3260 M5 servers

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.3

C0

March 25, 2025

Created release notes for 4.3(5.250030) for the following servers:

  • Cisco UCS C225 M8 and C245 M8 servers

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 and S3260 M5 servers

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.3

B1

February 24, 2025

Updated the Security Fixes section for 4.3(5.250001).

B0

January 16, 2025

Created release notes for 4.3(5.250001) for the following servers:

  • Cisco UCS C225 M8 and C245 M8 servers

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 and S3260 M5 servers

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.3

A0

October 22, 2024

Created release notes for 4.3(5.240021)​ for the following servers:

  • Cisco UCS C225 M8 and C245 M8 servers

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 and S3260 M5 servers

The firmware files in Cisco Host Upgrade Utility for individual releases are available at: Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.3

Cisco IMC Release Number and .ISO Image Names

Beginning with the release 4.3, Cisco is updating the release number naming convention to align with the .ISO images.

Example: 4.3.1.YYXXXX

  • 4.3—Represents the main release.

  • .1—Represents the first release.

    For the current 4.3 main release, .1 represents the first release number.

    For subsequent maintenance releases, this number will represent the related maintenance release number.

  • YY—Represents the year of release.

    For the current 4.3 main release, 23 is derived from the year 2023.

  • XXXX—The final 4 digits represent the increasing sequence of build numbers every year.

    For the first 4.3 main release, the number is 0097.

Supported Platforms and Release Compatibility Matrix

Supported Platforms in this Release

The following servers are supported in this release:

  • Cisco UCS C225 M8

  • Cisco UCS C245 M8

  • Cisco UCS C220 M7

  • Cisco UCS C240 M7

  • Cisco UCS C220 M6

  • Cisco UCS C240 M6

  • Cisco UCS C225 M6

  • Cisco UCS C245 M6

  • Cisco UCS S3260 M5

For information about these servers, see Overview of Servers.

Cisco IMC and Cisco UCS Manager Release Compatibility Matrix

Firmware Version Equivalency Between Cisco Intersight, Cisco IMC, and Cisco UCS Manager

For more information, see Cisco UCS Equivalency Matrix for Cisco Intersight, Cisco IMC, and Cisco UCS Manager.

Cisco IMC and Cisco UCS Manager Release Compatibility Matrix

Cisco UCS C-Series Rack-Mount Servers are managed by built-in standalone software —Cisco IMC. However, when a Rack-Mount Server is integrated with Cisco UCS Manager, UCSM end-user interface is used to manage the server.

The following table lists the supported platforms, Cisco IMC releases, and Cisco UCS Manager releases for Rack-Mount Servers:

Table 1. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.3(5) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.3(5.250045)

NA

  • Cisco UCS C225 M8 servers

4.3(5.250043)

NA

  • Cisco UCS C225 M8 and C245 M8 servers

4.3(5.250033)

NA

  • Cisco UCS C225 M8 and C245 M8 servers

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6, C245 M6 servers and S3260 M5 servers

4.3(5.250030)

4.3(5d)

  • Cisco UCS C225 M8 and C245 M8 servers

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6, C245 M6 servers and S3260 M5 servers

4.3(5.250001)

4.3(5c)

  • Cisco UCS C225 M8 and C245 M8 servers

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6, C245 M6 servers and S3260 M5 servers

4.3(5.240021)​

4.3(5a)

  • Cisco UCS C225 M8 and C245 M8 servers

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6, C245 M6 servers and S3260 M5 servers
Table 2. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.3(4) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

  • 4.3(4.252002)

  • 4.3(4.252001)

NA

  • 4.3(4.252002) - Cisco UCS C225 M6 servers

  • 4.3(4.252001) - Cisco UCS C220 M6, C240 M6 servers

4.3(4.242066)

4.3(4f)

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 and S3260 M5 servers

4.3(4.242038)

NA

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 and S3260 M5 servers

4.3(4.240152)

4.3(4a)

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 and S3260 M5 servers
Table 3. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.3(3) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.3(3.240043)

NA

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 servers

4.3(3.240041)​

NA

  • Cisco UCS S3260 M5 servers

4.3(3.240022)

4.3(3a)

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 and S3260 M5 servers
Table 4. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.3(2) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.3(2.250045)

NA

Cisco UCS C220 M5, C240 M5, C480 M5 and C125 M5 servers

4.3(2.250037)

4.3(6c)

Cisco UCS C220 M5, C240 M5, C480 M5 servers

4.3(2.250022)

NA

Cisco UCS C125 M5 servers

4.3(2.250021)

NA

Cisco UCS C240 M5 servers

4.3(2.250016)

NA

Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers

4.3(2.240107)

NA

Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers

4.3(2.240090)

NA

Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers

4.3(2.240077)

NA

Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers

4.3(2.240053)

NA

Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers

4.3(2.240037)

NA

  • Cisco UCS C225 M6 and C245 M6 servers

4.3(2.240009)

NA

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 servers

  • Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers

4.3(2.240002)

4.3(2)

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 servers

  • Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers

4.3(2.230270)

4.3(2)

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 servers

  • Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers

4.3(2.230207)

4.3(2)

  • Cisco UCS C220 M7 and C240 M7 servers

  • Cisco UCS C220 M6, C240 M6, C225 M6 and C245 M6 servers

  • Cisco UCS C220 M5, C240 M5, C480 M5, C125 M5 and S3260 M5 servers
Table 5. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.3(1) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.3(1.230138)

No Support

Cisco UCS C220 M7 and C240 M7 servers

4.3(1.230124​)

No Support

Cisco UCS C220 M7 and C240 M7 servers

4.3(1.230097)

No Support

Cisco UCS C220 M7 and C240 M7 servers
Table 6. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.2(3) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.2(3p)

4.2(3o)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M5, and C125 M5 servers

4.2(3o)

4.2(3n)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3n)

4.2(3m)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3m)

4.2(3l)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3l)

4.2(3k)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3k)

NA

Cisco UCS S3260 M5 servers

4.2(3j)

4.2(3j)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3i)

4.2(3i)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3g)

4.2(3g)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3e)

4.2(3e)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3d)

4.2(3d)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(3b)

4.2(3b)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers
Table 7. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.2(2) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.2(2g)

4.2(2d)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(2f)

4.2(2c)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.2(2a)

4.2(2a)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

Cisco UCS C220 M5, C240 M5, C240 SD M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers
Table 8. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.2(1) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.2(1j)

4.2(1n)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

4.2(1i)

4.2(1m)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

4.2(1g)

No Support

Cisco UCS C225 M6 and C245 M6 servers

4.2(1f)

4.2(1k)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

4.2(1e)

4.2(1i)

Cisco UCS C220 M6, C225 M6, C240 M6, and C245 M6 servers

4.2(1c)

No Support

Cisco UCS C225 M6 and C245 M6 servers

4.2(1b)

4.2(1f)

Cisco UCS C220 M6 and C240 M6 servers

4.2(1a)

4.2(1d)

Cisco UCS C220 M6, C240 M6, and C245 M6 servers
Table 9. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.1(3) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.1(3n)

NA

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M5 and S3260 M4 servers

4.1(3m)

4.1(3m)

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M5 and S3260 M4 servers

4.1(3l)

4.1(3k)

Cisco UCS C480 M5, C220 M5, C240 M5 servers

4.1(3i)

4.1(3j)

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M4, S3260 M5, C125 M5 servers

4.1(3h)

4.1(3i)

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M4, S3260 M5, C125 M5 servers

4.1(3g)

No Support

Cisco UCS S3260 M4 and S3260 M5 servers

4.1(3f)

4.1(3h)

Cisco UCS C220 M5, C240 M5, C480 M5, S3260 M4, S3260 M4, S3260 M5, and C125 M5 servers

4.1(3d)

4.1(3e)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5, and C125 M5 servers

4.1(3c)

4.1(3d)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5 and C125 M5 servers

4.1(3b)

4.1(3a)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M4, S3260 M5 and C125 M5 servers

Table 10. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.1(2) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.1(2m)

No Support

Cisco UCS C220 M4, C240 M4 and C460 M4 servers.

4.1(2l)

No Support

Cisco UCS C220 M4 and C240 M4 servers.

4.1(2k)

No Support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers

4.1(2j)

No Support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers

4.1(2h)

No Support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers

4.1(2g)

No Support

Cisco UCS C220 M4, C240 M4, and C460 M4 servers

4.1(2f)

4.1(2c)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(2e)

No Support

Cisco UCS C125 M5 servers

4.1(2d)

No Support

Cisco UCS C240 M5 and C240 SD M5 servers

4.1(2b)

4.1(2b)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(2a)

4.1(2a)

Cisco UCS C220 M5, C240 SD M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

Table 11. Cisco IMC and UCS Manager Software Releases for Rack Mount Servers for Cisco IMC 4.1(1) Release

Cisco IMC Release

Cisco UCS Manager Release

Rack Mount Servers

4.1(1h)

4.1(1e)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(1g)

4.1(1d)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(1f)

4.1(1c)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

4.1(1d)

4.1(1b)

Cisco UCS C220 M5, C240 M5, C480 M5, and C480 ML M5 servers

4.1(1c)

4.1(1a)

Cisco UCS C220 M5, C240 M5, C480 M5, C480 ML M5, S3260 M5, C125 M5, C220 M4, C240 M4, C460 M4, and S3260 M4 servers

Operating System and Browser Requirements

For detailed information about supported Operating System, see the interactive UCS Hardware and Software Compatibility matrix.

Cisco recommends the following browsers for Cisco UCS Rack Server Software, Release 4.3(5):

Recommended Browser

Minimum Recommended Browser Version

Minimum Recommended Operating System

Safari

Version 17.6 (19618.3.11.11.5)

MAC OS 14.6.1 (23G93)

Google Chrome

Version 127.0.6533.72 (Official Build) (64-bit)

Windows 11 Enterprise 23H2

Version 127.0.6533.89 (Official Build) (64-bit)

Version 128.0.6613.138

 Windows 2019 DC

Version 129.0.6668.90

MAC OS 14.6.1 (23G93)

Mozilla Firefox

128.0.2 (64-bit)

Windows 11 Enterprise 23H2

128.0.3 (64-bit)

131.0 (64 Bit)

130.0.1 (64-bit)

Ubuntu Desktop 20.04.3 LTS

131.0 (aarch64)

MAC OS 14.6.1 (23G93)

Note

If the management client is launched using an unsupported browser, check the help information from the For best results use supported browsers option available in the login window for the supported browser versions.

Transport Layer Security (TLS) version 1.2.

Default Ports

Following is a list of server ports and their default port numbers:

Table 12. Server Ports

Port Name

Port Number

LDAP Port 1

389

LDAP Port 2

389

LDAP Port 3

389

LDAP Port 4

3268

LDAP Port 5

3268

LDAP Port 6

3268

SSH Port

22

HTTP Port

80

HTTPS Port

443

SMTP Port

25

KVM Port

2068

Intersight Management Port

8889

Intersight Cloud Port

8888

SOL SSH Port

2400

SNMP Port

161

SNMP Traps

162

External Syslog

514

Upgrade and Downgrade Guidelines

The section provides information on the upgrade paths to release 4.3.5.

Cisco IMC 4.3(5.240021)​ release supports Cisco UCS C225 M8 server in addition to the following servers:

  • Cisco UCS C245 M8

  • Cisco UCS C220 M7

  • Cisco UCS C240 M7

  • Cisco UCS C220 M6

  • Cisco UCS C240 M6

  • Cisco UCS C245 M6

  • Cisco UCS C225 M6

  • Cisco UCS S3260 M5

To get a complete overview of all the possible upgrade paths in Cisco IMC, see Cisco UCS Rack Server Upgrade Support Matrix.

Downgrade Limitation for Release 4.3(4.240152):

See Cisco UCS Rack Server Upgrade Support Matrix to view your server upgrade path.

Downgrade Limitation for Release 4.3(3.240022):

In the release 4.3(3.240022), you cannot downgrade the Cisco UCS M7 servers with 5th Gen Intel® Xeon® processors.

When you try to downgrade Cisco IMC, the following error message is displayed on CLI, GUI, Redfish API and XML API user interfaces:

Error message during BMC downgrade with different interfaces like CLI/WEBUI/Redfish/XML =

“Update aborted. INCOMPATIBLE_IMAGE”

When you try to downgrade BIOS, the following error message is displayed on CLI, GUI, Redfish API and XML API user interfaces:

CPU ID mismatch between uploaded image and the platform.


Note

You can downgrade Cisco UCS M7 servers with 4th Generation Intel® Xeon® Scalable Processors.

Infrastructure Upgrade and Downgrade to Release 4.3(2):

  • Cisco UCS M4 servers are not supported by 4.3(2.230207) and later releases.

  • You must perform firmware update after adding any new hardware component to the system.

  • If you are planning to install Cisco UCS VIC 15237 or 15427 in a server, then upgrade the server to 4.3(2.230270) or later versions and then insert the adapter into the server.

    If you insert Cisco UCS VIC 15237 or 15427 into the server that is running earlier versions than 4.3(2.230270), then upgrade the server to 4.3(2.230270) or later versions and power cycle the server to recognize the adapter.

  • If you are planning to install Cisco UCS VIC 15235 or 15425 in a server, then upgrade the server to 4.3(2.230207) or later versions and then insert the adapter into the server.

    If you insert Cisco UCS VIC 15235 or 15425 into the server that is running earlier versions than 4.3(2.230207), then upgrade the server to 4.3(2.230207) or later versions and power cycle the server to recognize the adapter.

Support for Cisco UCS C245 M8 Servers

Cisco UCS C245 M8 servers are supported from the release 4.3(4.241014) onwards.

Support for Cisco UCS M7 Servers

Cisco UCS M7 servers are supported from the release 4.3(1.230097) onwards.

The following releases are for Cisco UCS M7 servers only:

  • 4.3(1.230138)

  • 4.3(1.230124​)

  • 4.3(1.230097)

Firmware Files

Firmware Files

The C-Series software release includes the following software files:

CCO Software Type File name(s) Comment
Unified Computing System (UCS) Server Firmware

For release specific ISO versions, see Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.3

Host Upgrade Utility
Unified Computing System (UCS) Drivers ucs-cxxx-drivers.4.3(5.240021)​.iso Drivers
Unified Computing System (UCS) Utilities

ucs-cxxx-utils-efi.4.3(5.240021)​.iso

ucs-cxxx-utils-linux.4.3(5.240021)​.iso

ucs-cxxx-utils-vmware.4.3(5.240021)​.iso

ucs-cxxx-utils-windows.4.3(5.240021)​.iso

Utilities

Note

Always upgrade the BIOS, the Cisco IMC and CMC from the HUU ISO. Do not upgrade individual components (only BIOS or only Cisco IMC), since this could lead to unexpected behavior. If you choose to upgrade BIOS, and the Cisco IMC individually and not from the HUU ISO, make sure to upgrade both Cisco IMC, and BIOS to the same container release. If the BIOS and the Cisco IMC versions are from different container releases, it could result in unexpected behavior. Cisco recommends that you use the Update All option from the Host Upgrade Utility to update the firmware versions of Cisco IMC, BIOS, and all other server components (VIC, RAID Controllers, PCI devices, and LOM) together.

Host Upgrade Utility

The Cisco Host Upgrade Utility (HUU) is a tool that upgrades the Cisco UCS C-Series firmware.

The image file for the firmware is embedded in the ISO. The utility displays a menu that allows you to choose which firmware components to upgrade. For more information on this utility, see http://www.cisco.com/en/US/products/ps10493/products_user_guide_list.html.

For details of firmware files in Cisco Host Upgrade Utility for individual releases, see Cisco UCS C-Series Integrated Management Controller Firmware Files, Release 4.3.

Updating the Firmware

Use the Host Upgrade Utility to upgrade the C-Series firmware. Host Upgrade Utility can upgrade the following software components:

  • BIOS

  • Cisco IMC

  • CMC

  • Cisco VIC Adapters

  • Broadcom Adapters

  • LAN on Motherboard

  • PCIe adapter firmware

  • HDD firmware

  • SAS Expander firmware

  • DCPMM Memory

  • PCI Gen5 retimer

All firmware should be upgraded together to ensure proper operation of your server.


Note

We recommend that you use the select all and Update or Update & Activate All option from the Host Upgrade Utility to update the firmware versions of Cisco IMC, BIOS and all other server components (VIC, RAID Controllers, PCI devices, and LOM) together. Click Exit once you deploy the firmware.

For more information on how to upgrade the firmware using the utility, see:

http://www.cisco.com/c/en/us/support/servers-unified-computing/ucs-c-series-rack-servers/products-user-guide-list.html

Software Utilities

The following standard utilities are available:

  • Host Update Utility (HUU)

  • Server Configuration Utility (SCU)

  • Server Diagnostic Utility (SDU)

The utilities features are as follows:

  • Availability of HUU, SCU on the USB as bootable images. The USB also contains driver ISO, and can be accessed from the host operating system.

New Hardware in Release 4.3.5

New Hardware in Release 4.3(5.250001)

The following new hardware are supported in Release 4.3(5.250001):

CPU Support - Support for 5th Gen AMD® EPYC® Processors

Support for the following 5th Gen AMD® EPYC® Processors with Cisco UCS C245 M8 servers:

  • AMD 9655 2.6GHz 400W 96C/384MB Cache DDR5 6000MT/s (UCS-CPU-A9655)

  • AMD 9575F 3.3GHz 400W 64C/256MB Cache DDR5 6000MT/s (UCS-CPU-A9575F)

  • AMD 9555 3.2GHz 360W 64C/256MB Cache DDR5 6000MT/s (UCS-CPU-A9555)

  • AMD 9355 3.4GHz 280W 32C/256MB Cache DDR5 6000MT/s (UCS-CPU-A9355)

  • AMD 9135 3.5GHz 200W 16C/64MB Cache DDR5 6000MT/s (UCS-CPU-A9135)

Support for the following 5th Gen AMD® EPYC® Processors with Cisco UCS C225 M8 servers:

  • AMD 9355 3.4GHz 280W 32C/256MB Cache DDR5 6000MT/s (UCS-CPU-A9355)

  • AMD 9135 3.5GHz 200W 16C/64MB Cache DDR5 6000MT/s (UCS-CPU-A9135)

  • AMD 9655P 2.6GHz 400W 96C/384MB Cache DDR5 6000MT/s (UCS-CPU-A9655P)

  • AMD 9555P 3.2GHz 360W 64C/256MB Cache DDR5 6000MT/s (UCS-CPU-A9555P)

  • AMD 9355P 3.4GHz 280W 32C/256MB Cache DDR5 6000MT/s (UCS-CPU-A9355P)

Enhanced Memory Capabilities

  • Cisco UCS C245 M8 server: Supports up to 24 DDR5 DIMMs for up to 1.5 TB of total memory using 64 GB DIMMs

  • Cisco UCS C245 M8 server: Supports up to 12 DDR5 DIMMs for up to 768 GB of total memory using 64 GB DIMMs

New Hardware in Release 4.3(5.240021)​

The following new hardware are supported in Release 4.3(5.240021)​:

Cisco UCS C225 M8 Server

The Cisco UCS C225 M8 Rack Server is a versatile general-purpose infrastructure and application server. This high-density, 1RU, single-socket rack server delivers industry-leading performance and efficiency for a wide range of workloads, including virtualization, collaboration, and bare-metal applications.

The Cisco UCS C225 M8 Rack Server extends the capabilities of the Cisco UCS rack server portfolio. It powers 4th Gen AMD EPYC Processors with 100 percent more cores per socket designed using AMD’s chiplet architecture. With advanced features such as AMD Infinity Guard, compute-intensive applications will see significant performance improvements and reap other benefits such as power and cost efficiencies.

The key features of Cisco UCS C225 M8 Server include:

  • Supports one 4th Gen AMD EPYC CPU, with up to 128 cores per socket

  • Up to 12 DDR5 DIMMs for up to 1.5 TB of capacity using 128 GB DIMMs

  • Up to 6000 MT/s DDR5 memory

  • Up to 3 PCIe 4.0 slots or up to 2 PCIe 5.0 slots, plus a modular LAN on motherboard (mLOM) / OCP slot

  • Support for Cisco’s virtual interface card, the Cisco UCS VIC 15000 Series adapters, as well as third-party NIC options

  • UCS C225 M8S chassis: up to 10 SAS/SATA or NVMe disk drives

    • New tri-mode RAID controller supports SAS4 or NVMe hardware RAID

    • Option for up to 4 direct-attach NVMe SSDs

  • UCS C225 M8N chassis: up to 10 direct attach NVMe SSDs

    • All 10 NVMe drives connected at PCIe Gen4 x4

  • M.2 boot options

    • Up to two 960GB SATA M.2 drives with hardware RAID, or

    • Up to two 960GB NVMe M.2 drives with NVMe hardware RAID

  • Up to three GPUs supported

  • Hybrid modular LOM/OCP 3.0

    • One dedicated Gen 4.0 x16 slot that can be used to add an mLOM or OCP 3.0 card for additional rear-panel connectivity

    • mLOM allows for Cisco UCS Virtual Interface Cards (VICs) without consuming a PCIe slot, supporting quad-port 10/25/50 Gbps or dual-port 40/100/200 Gbps network connectivity

    • OCP 3.0 slot features full out-of-band management for select adapters

Cisco IMC supports all the peripherals supported by Cisco UCS C225 M8 Server. For the complete list of supported peripherals for Cisco UCS C225 M8 Server, see Cisco UCS C225 M8 SFF Rack Server Spec Sheet.


Note

Cisco UCS C225 M8 Server supports only 14000 Series and 15000 Series secure boot VIC adapters.

Peripherals

  • NVIDIA® BlueField-3 B3140H SuperNIC 1x400G with Cisco UCS C220 M7 and C240 M7 servers.

  • NVIDIA® BlueField-3 B3140H SuperNIC 1x400G with Cisco UCS C225 M8 and C245 M8 servers.

  • NVIDIA® 1x400G Ethernet NIC (UCSC-P-N7S400GF) with Cisco UCS C220 M7 and C240 M7 servers.

  • NVIDIA® 1x400G Ethernet NIC (UCSC-P-N7S400GF) with Cisco UCS C225 M8 and C245 M8 servers.

  • NVIDIA® BlueField-3 B3210E DPU 2x100G DPUs with Cisco UCS C225 M8 and C245 M8 servers.

  • NVIDIA® BlueField-3 B3220 DPU 2x200G with Cisco UCS C245 M8 servers.

  • NVIDIA® L4 GPU 70W, 24GB, 1-slot HHHL with Cisco UCS C225 M8 servers.

  • AMD MI210 GPU; 300W 64GB, 2 slot FHFL (UCSX-GPU-MI210) with Cisco UCS C220 and C240 M7 servers.

  • NVIDIA® H100-NVL GPU 400W, 94GB, 2-slot FHFL (UCSC-GPU-H100-NVL) with Cisco UCS C240 M7 servers andn C245 M8 servers.

New Software in Release 4.3.5

New Software Features in Release 4.3(5.250001)

Cisco IMC extends its current functionalities and features to Cisco UCS C-series M6, M7 and M8 servers. The following new software features are supported in Release 4.3(5.250001).

  • Cisco IMC now includes an additional fan policy - Maximum Cooling.

    This new fan policy setting configures the server fans to operate at their highest speeds to provide the maximum possible cooling.

New Software Features in Release 4.3(5.240021)​

Cisco IMC extends its current functionalities and features to Cisco UCS C-series M6, M7 and M8 servers. The following new software features are supported in Release 4.3(5.240021)​.

  • Cisco IMC now includes dynamic polling support to monitor the port status (up/down) and port speed of third-party Network Interface Cards (NICs) on Cisco UCS C-Series M6, M7, and M8 servers, offering real-time insights into network interface performance and ensuring optimal server connectivity and efficiency.

  • Cisco IMC now includes an additional sensor property for the fan - Pulse Width Modulation (PWM). PWM is the absolute measure of the fan on and off duration to control the speed.

Deprecated Hardware and Software in Cisco IMC

Release 4.3(3.240022)

Beginning with Cisco IMC release 4.3(3.240022), the following Cisco UCS M5 servers are not supported:

  • Cisco UCS C125 M5

  • Cisco UCS C220 M5

  • Cisco UCS C240 M5

  • Cisco UCS C240 SD M5

  • Cisco UCS C480 M5

  • Cisco UCS C480 ML M5

The Cisco UCS M5 servers mentioned above will continue to be supported on the final supported software release version (4.3(2.x)) with applicable patches, going forward.

Resolved Caveats

Resolved Caveats in Release 4.3(5.250045)

The following defect was resolved in Release 4.3(5.250045):

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCwp21596

In the Cisco UCS C225 M8 server, after a fatal error occurs in the CPU, the system remains unresponsive for an extended period without recovering.

The issue occurs during device hot plug events or during malfunction in device I/O.

This is an edge case rather than a typical functional issue. A combination of specific triggers is required for the CPU to enter a fatal fault state.

4.3(5.250033)

4.3(5.250045)

Resolved Caveats in Release 4.3(5.250043)

The following defect was resolved in Release 4.3(5.250043):

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCwp18182

When the Cisco UCS C225 M8 server, equipped with NVMe drives and NVIDIA BlueField 3 NICs, is upgraded to Cisco IMC release version 4.3(5.250033), all fans operate at 100% speed.

Before the upgrade, when the server was running Cisco IMC release version 4.3(5.250030), all fans operated at 37% PWM.

There are no functional issues; however, power consumption may increase significantly, and system noise levels could become very high due to fans operating at 100% capacity.

4.3(5.250033)

4.3(5.250043)

Resolved Caveats in Release 4.3(5.250033)

The following defects were resolved in Release 4.3(5.250033):

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCwo84654

On Cisco UCS C225 M8 servers, Gen5 capable NICs in Riser 1C/1B/3C have PCIe in downgraded Gen4 speed.

Link speed is evident in both BIOS and OS during boot.

This limits only the performance but does not impact the reliability.

This issue is now resolved.

4.3(5.250030)

4.3(5.250033)

Resolved Caveats in Release 4.3(5.250030)

The following defects were resolved in Release 4.3(5.250030):

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCwk33013

In Cisco UCS M5 servers with secure boot keys file size set to 0, the following error message is displayed in the Cisco IMC GUI:

Post sensor, System Firmware error (POST Error), EFI Secure Boot Key Error [0x5304] was asserted

This issue is caused when the Secure boot keys (DB, DBx, PK, KEK) are set to zero file size.

There is no impact on the server operation and performance.

This issue is now resolved.

4.3(2.240090)

4.3(5.250030)

CSCwm67863

In Cisco UCS servers running Red Hat Enterprise Linux Release 9 Version 4, upgrading the BIOS and switching the boot mode from non-secure to secure causes the host to power off.

This issue is now resolved.

4.3(5.250001)

4.3(5.250030)

CSCwn48372

In Cisco UCS M8 servers, selecting the Auto option for the BIOS token CbsCmnEfficiencyModeEnRs results in the value being displayed as High Performance Mode.

This issue is now resolved.

4.3(5.240021)

4.3(5.250030)

CSCwn62845

In Cisco UCS C220 M7 servers running on the Cisco IMC release version 4.3(4.242038), the Storage Raid Battery MRAID is degraded.

Check the battery or storage controller alert seen on the server.

This issue is now resolved.

4.3(4.242038)

4.3(5.250030)

CSCwn65087

When the Cisco UCS server is upgraded to the Cisco IMC release version 4.3(2.240090) and IP filtering is enabled, the HTTP/HTTPS access is disabled on Cisco IMC reset.

HTTP/HTTPS settings must be manually enabled to retain access after Cisco IMC reboot.

This issue is now resolved.

4.3(2.240090)

4.3(5.250030)

CSCwn85649

While using the Intel NIC card I710, the following error message is displayed for Ethernet Network Adapter I710 using i40e driver:

i40e 0000:17:00.0: ARQ: Unknown event 0x0000 ignored.

4.3(4.240152)

4.3(5.250030)

Resolved Caveats in Release 4.3(5.250001)

The following defects were resolved in Release 4.3(5.250001):

Defect ID

Symptom

First Release Affected

Resolved in Release

CSCwn00366

Server discovery failures occur on Cisco UCS C-series servers in Intersight Managed Mode when only eNICs or only vHBAs are configured.

This issue is caused due to a memory leak in the vniccfgd process, triggered by the palo_vnic_listtype() API call.

Over a period of time, the memory leak accumulates, eventually reaching a threshold that leads to failures

This issue is now resolved.

4.3(2.230207)

4.3(5.240021)​

Open Caveats

Open Caveats in Release 4.3(5.250001)

The following defects are open in Release 4.3(5.250001):

Defect ID

Symptom

Workaround

First Affected Release

CSCwn19002

In Cisco UCS C245 M8 servers, uncorrectable errors that are displayed in Cisco IMC fault logs are non-fatal errors.

These errors are displayed during hot plugging of 15.3 TB U.2 P5316 NVMe drives in hybrid slots.

These errors have been moved under warnings.

There is no workaround.

These errors are SEL warnings and can be ignored as they do not have any functional impact.

 4.3(5.250001)

CSCwn22341

HSU Redfish API update fails for Cisco UCS VIC 15xxx adapters with "ApplyTime":"OnNextBoot" option and when the target contains only VIC adapters.

Perform the HSU Redfish API update for Cisco UCS VIC 15xxx adapters with "ApplyTime":"Immediate" option.

4.3(5.240021)​

CSCwn36143

In Cisco UCS C225 M8 servers, errors are displayed during hot plugging of the NVMe drives.

There is no workaround.

These errors are SEL warnings and can be ignored as they do not have any functional impact.

4.3(5.240021)​

Open Caveats in Release 4.3(5.240021)​

The following defects are open in Release 4.3(5.240021)​:

Defect ID

Symptom

Workaround

First Affected Release

CSCwk79108

Drive migration between servers with similar configuration lists virtual drives that were not imported.

There is no workaround.

 4.3(5.240021)​

CSCwr10524

In Cisco UCS M6 servers with firmware release version 4.3(2.230207) and secure VIC 15xxx adapters, the firmware upgrade to the release versions 4.3(4.xxxxx) / 4.3(5.xxxxx) / 4.3(6.xxxxx) / 6.0(1.250127) using the HUU Web UI or NI-HUU results in BIOS activation failure.

The issue occurs if any one or both of the following secure VICs are present:

  • Cisco UCS VIC 15235

  • Cisco UCS VIC 15425

If the update is initiated through the HUU GUI, then the interface first displays a failure message regarding secure VIC activation, followed by another message to proceed with a host power cycle.

After a manual host power cycle, all the component firmware are activated with the latest firmware except for BIOS. Retriggering firmware update does not help in activating the BIOS component.

If the update is initiated through NI-HUU, then the script execution fails with the following error message:

Error - Firmware update failed because it timed out. Check host for details.

After a manual host power cycle, all the component firmware are activated with the latest firmware except for BIOS. Retriggering firmware update does not help in activating the BIOS component.

You can perform any one of the following workarounds:

Perform the firmware upgrade using the HSU Redfish.

OR

Perform a step upgrade as listed below:

  1. Upgrade from the release version 4.3(2.230207) to 4.3(2.230270)

  2. Upgrade from the release version 4.3(2.230270) to any of the following releases -

    • 4.3(4.xxxxx)

    • 4.3(5.xxxxx)

    • 4.3(6.xxxxx)

    • 6.0(1.xxxxx)

OR

Perform the following steps in Cisco IMC Web UI:

  1. From the Apps drop-down list, select Administration.

  2. In the Navigation pane, click Firmware Management menu.

  3. In the Firmware Management area, select a component from the Component column and click Upload.

  4. The Update Firmware dialog box appears.

  5. Update the secure VIC 15xxx firmware.

  6. Update the remaining components by booting HUU.

4.3(4.240152)

Known Behaviors and Limitations

Known Behaviors and Limitations in Release 4.3(5.250001)

Known Behaviors and Limitations

The following caveats are known limitations in release 4.3(5.250001):

Defect ID

Symptom

Workaround

First Affected Release

CSCwn20720

In Cisco UCS C245 M8 servers, the complete firmware version is not getting listed for AMD MI-210 GPU in Cisco IMC out-of-band inventory across all user interfaces.

This issue is seen in the Web UI and CLI interfaces.

There is no workaround.

4.3(5.250001)

Known Behaviors and Limitations in Release 4.3(5.240021)​

Known Behaviors and Limitations

The following caveats are known limitations in release 4.3(5.240021)​:

Defect ID

Symptom

Workaround

First Affected Release

CSCwk73250

In a RAID-1 setup, the Virtual Drive creation supports a maximum of two physical disks.

Configuring RAID-1 with more than two physical disks will result in a configuration failure.

There is no workaround.

4.3(5.240021)​

CSCwm36068

In Cisco UCS M7 servers, creation of virtual drives using self-encrypting drive and non self-encrypting drive combination fails for out-of-band management (OOB).

This issue is seen in the Web UI and CLI interfaces.

There is no workaround.

4.3(4.240152)

Security Fixes in Release 4.3.5

Security Fixes in Release 4.3(5.250030)

Defect ID - CSCwn63691

Cisco UCS C225 M6 and C245 M6 servers are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2024-56161—Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP.

  • CVE-2024-21925—Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution.

  • CVE-2024-21924—SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution..

Security Fixes in Release 4.3(5.250001)

Defect ID - CSCwm73573

Cisco UCS M7 servers are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2024-27457—Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-23918—Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-21820—Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-21853—Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access.

  • CVE-2024-25565—Insufficient control flow management in UEFI firmware for some Intel(R) Xeon(R) Processors may allow an authenticated user to enable denial of service via local access.

  • CVE-2024-23984—Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-24968—Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access.

  • CVE-2024-22185—Time-of-check Time-of-use Race Condition in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-24985—Exposure of resource to wrong sphere in some Intel(R) processors with Intel(R) ACTM may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-21829—Improper input validation in UEFI firmware error handler for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-23599—Race condition in Seamless Firmware Updates for some Intel(R) reference platforms may allow a privileged user to potentially enable denial of service via local access.

  • CVE-2024-21781—Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to enable information disclosure or denial of service via local access.

  • CVE-2024-39279—Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow a authenticated user to potentially enable denial of service via local access.

  • CVE-2024-28047—Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-31157—Improper initialization in UEFI firmware OutOfBandXML module in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-36293—Improper access control in the EDECCSSA user leaf function for some Intel(R) Processors with Intel(R) SGX may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2024-31068—Improper Finite State Machines (FSMs) in Hardware Logic for some Intel(R) Processors may allow privileged user to potentially enable denial of service via local access.

  • CVE-2024-25571—Improper input validation in some Intel(R) SPS firmware before SPS_E5_06.01.04.059.0 may allow a privileged user to potentially enable denial of service via local access.

  • CVE-2024-21859—Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-31155—Improper buffer restrictions in the UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-37020—Sequence of processor instructions leads to unexpected behavior in the Intel(R) DSA V1.0 for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable denial of service via local access.

Security Fixes in Release 4.3(5.240021)​

Defect ID - CSCwk90710

Cisco UCS M6 servers are affected by vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

  • CVE-2024-24853—Incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-24980—Protection mechanism failure in some 3rd, 4th, and 5th Generation Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-21829—Improper input validation in UEFI firmware error handler for some Intel® Processors may allow a privileged user to potentially enable escalation of privilege via local access.

  • CVE-2024-21781—Improper input validation in UEFI firmware for some Intel® Processors may allow a privileged user to enable information disclosure or denial of service via local access.

  • CVE-2023-43753—Improper conditions check in some Intel(R) Processors with Intel® Software Guard Extensions (Intel® SGX) may allow a privileged user to potentially enable information disclosure via local access.

  • CVE-2024-24968—Improper finite state machines (FSMs) in hardware logic in some Intel® Processors may allow an privileged user to potentially enable a denial of service via local access.

  • CVE-2024-23984—Observable discrepancy in RAPL interface for some Intel® Processors may allow a privileged user to potentially enable information disclosure via local access.

Related Documentation

For configuration information for this release, refer to the following:

For information about installation of the C-Series servers, refer to the following:

The following related documentation is available for the Cisco Unified Computing System:

Refer to the release notes for Cisco UCS Manager software and the Cisco UCS C Series Server Integration with Cisco UCS Manager Guide at the following locations: