Cisco Security Advisory - The Cisco Product Security Incident Response Team (PSIRT) would like to notify customers of an issue that may impact their network security posture when upgrading the Cisco Nexus 1000V Series Switches to Software Release 4.2(1)SV1(5.2) with deployments that have Cisco Virtual Security Gateway (VSG) integration. This issue will manifest itself when administrators perform an in-service software upgrade to Software Release 4.2(1)SV1(5.2) from Software Release 4.2(1)SV1(5.1a) or earlier. After the software upgrade, a bug in Software Release 4.2(1)SV1(5.2) could cause all the virtual Ethernet ports on the Virtual Ethernet Modules (VEM) of the Cisco Nexus 1000V Series Switch to stay in No-Policy pass-through mode because a valid VSG license is not actively installed. As a result, the VEMs no longer use a configured Cisco VSG; therefore, the virtual machines (VM) are not firewalled and traffic is not inspected by the VSG.
e173bf86ec7f8fa6a6b464720bcc4ee2a42d6116b5425370d71bcba2ab7c0932