https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529545#M530707 <HTML><HEAD></HEAD><BODY><P>what version of ISE?</P></BODY></HTML> Mon, 20 Mar 2017 17:37:15 GMT Jason Kunst 2017-03-20T17:37:15Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529541#M530702 <HTML><HEAD></HEAD><BODY><P class="p1"><SPAN class="s1">Ok, WTH does this mean:&nbsp; <A href="https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd49829"><SPAN class="s2">https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd49829</SPAN></A></SPAN></P><P class="p2"><SPAN class="s3"> </SPAN></P><P class="p2"><SPAN class="s3">Releases 1.2, 1.3, 1.4 and 2.x are affected. A hot patch for these releases will be provided by the 18th of March.<BR /> <STRONG>The hot patch will only work on the latest release for each train. Customers need to upgrade to the latest release before applying the patch </STRONG></SPAN></P><P class="p2"><SPAN class="s3"> </SPAN></P><P class="p2"><SPAN class="s3">Customers run 2.0 patch 4, is that the ‘latest release for that train’? Or are they demanding 2.2? Or 2.0.1? Or, we have to wait until March 18</SPAN><SPAN class="s4"><SUP>th</SUP></SPAN><SPAN class="s3"> to find out?</SPAN></P></BODY></HTML> Wed, 15 Mar 2017 18:58:04 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529541#M530702 lnorman 2017-03-15T18:58:04Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529542#M530704 <HTML><HEAD></HEAD><BODY><P>This means that you have to be running the latest patch for your version.</P><P></P><P>ISE 2.0 Patch 4</P><P>ISE 2.0.1 Patch 3</P><P>ISE 2.1 Patch 3</P><P>ISE 2.2 No Current Patches</P><P></P><P>You do NOT have to upgrade your version of ISE to install the Hotfix.</P></BODY></HTML> Thu, 16 Mar 2017 11:46:25 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529542#M530704 Charlie Moreton 2017-03-16T11:46:25Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529543#M530705 <HTML><HEAD></HEAD><BODY><P>Thanks Charles!</P><P></P><P>Lou</P></BODY></HTML> Thu, 16 Mar 2017 17:29:09 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529543#M530705 lnorman 2017-03-16T17:29:09Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529544#M530706 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>March 18 has passed, where can the hot patch be found?</P><P></P><P>Thanks</P><P>Gert</P></BODY></HTML> Mon, 20 Mar 2017 09:17:04 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529544#M530706 gtilburg 2017-03-20T09:17:04Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529545#M530707 <HTML><HEAD></HEAD><BODY><P>what version of ISE?</P></BODY></HTML> Mon, 20 Mar 2017 17:37:15 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529545#M530707 Jason Kunst 2017-03-20T17:37:15Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529546#M530708 <HTML><HEAD></HEAD><BODY><P>seems like multiple threads about this same defect</P><P>see this one</P><P><A href="https://community.cisco.com/message/249469">Re: CSCvd49829</A></P></BODY></HTML> Mon, 20 Mar 2017 18:45:07 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529546#M530708 Jason Kunst 2017-03-20T18:45:07Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529547#M530709 <HTML><HEAD></HEAD><BODY><P>No need to open TAC cases for this. The patches will be available at CCO. Please see the ISE entry @ <A href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170310-struts2">Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products</A><SPAN style="font-size: 10pt;"> to track its availability.</SPAN></P></BODY></HTML> Mon, 20 Mar 2017 18:57:19 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529547#M530709 hslai 2017-03-20T18:57:19Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529548#M530710 <HTML><HEAD></HEAD><BODY><P>My customer uses ISE version 1.2.1.198 ,is that the ‘latest release for that train’? </P><P></P><P>and I haven't installed all patch Version&nbsp; ,Do I need to install the latest patch?</P><P></P><P>thank you</P><P></P><P></P><P>cheer</P></BODY></HTML> Thu, 23 Mar 2017 02:36:46 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529548#M530710 peng083411147 2017-03-23T02:36:46Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529549#M530711 <HTML><HEAD></HEAD><BODY><P>Yes you will need to update to latest patch.</P><P></P><P><A href="http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html#pgfId-637191" title="http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html#pgfId-637191">http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html#pgfId-637191</A></P><P></P><P>Also work with them to get off ISE 1.2</P><P><A href="http://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/eos-eol-notice-c51-736297.html" style="font-size: 10pt;" title="http://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/eos-eol-notice-c51-736297.html">http://www.cisco.com/c/en/us/products/collateral/security/identity-services-engine/eos-eol-notice-c51-736297.html</A></P></BODY></HTML> Thu, 23 Mar 2017 15:20:55 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529549#M530711 Jason Kunst 2017-03-23T15:20:55Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529550#M530712 <HTML><HEAD></HEAD><BODY><P>HI Jason,</P><P>My customer uses ISE version 1.2.1.198 ,is that the ‘latest release for that train’?</P><P></P><P></P><P>Do I need to upgrade the version before I install install the latest patch?</P><P></P><P>THANK YOU</P></BODY></HTML> Fri, 24 Mar 2017 06:17:22 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529550#M530712 peng083411147 2017-03-24T06:17:22Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529551#M530713 <HTML><HEAD></HEAD><BODY><P>As stated before please refer to the release notes, patch 8 is the latest patch and yes you will need to install that, 1.2.1.198 is the version of ISE not the patch version, please again read the release notes</P><P></P><P><A href="http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html#pgfId-637191" title="http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html#pgfId-637191">http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html#pgfId-637191</A></P></BODY></HTML> Fri, 24 Mar 2017 16:19:38 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529551#M530713 Jason Kunst 2017-03-24T16:19:38Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529552#M530714 <HTML><HEAD></HEAD><BODY><P>OK,Thank you for your patience</P><P></P><P>Releases 1.2, 1.3, 1.4 and 2.x are affected. A hot patch for these releases will be provided by the 24th of March.</P><P>but I don't find the hot patch in cisco.com</P></BODY></HTML> Sat, 25 Mar 2017 00:35:54 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529552#M530714 peng083411147 2017-03-25T00:35:54Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529553#M530715 <HTML><HEAD></HEAD><BODY><P>Refresh the browser? They are under Struts2-CVE-Fixes.</P><P><IMG alt="Screen Shot 2017-03-24 at 5.41.47 PM.png" class="image-1 jive-image" src="/legacyfs/online/fusion/105676_Screen Shot 2017-03-24 at 5.41.47 PM.png" style="height: 372px; width: 620px;" /></P></BODY></HTML> Sat, 25 Mar 2017 00:43:18 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529553#M530715 hslai 2017-03-25T00:43:18Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529554#M530716 <HTML><HEAD></HEAD><BODY><P>execuse me,My customer users ISE version 1.2.1.198</P><P>but, I don't find the hot patch for this version?</P><P></P><P>only have Ftruts2Fix-1.3to14. and Struts2Fix-2.0to2.2.</P><P></P><P></P><P>So ,do I need to upgrade to version 1.3 before installing the patch?</P><P></P><P></P><P>Thanks</P></BODY></HTML> Sat, 25 Mar 2017 12:00:34 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529554#M530716 peng083411147 2017-03-25T12:00:34Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529555#M530717 <HTML><HEAD></HEAD><BODY><P>To patch ISE 1.2.x needs Cisco TAC assistant. Please open a TAC case, if not already done.</P></BODY></HTML> Sat, 25 Mar 2017 17:33:51 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529555#M530717 hslai 2017-03-25T17:33:51Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529556#M530724 <HTML><HEAD></HEAD><BODY><P>Hi <A href="https://community.cisco.com//u1/38995">hslai</A></P><P>So my customer is running <SPAN style="color: #000000; font-family: -webkit-standard; font-size: medium;">1.2.0.899. TAC can help find a patch, right?</SPAN></P><P><SPAN style="color: #000000; font-family: -webkit-standard; font-size: medium;">We saw the "<SPAN style="color: #000000; font-family: -webkit-standard; font-size: medium;">HotPatch-120-patch17-struts2-security-fix.tgz"</SPAN> two weeks ago on CCO but today it's gone...</SPAN></P></BODY></HTML> Mon, 27 Mar 2017 05:50:40 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529556#M530724 kahsieh 2017-03-27T05:50:40Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529557#M530726 <HTML><HEAD></HEAD><BODY><P>please work through the TAC</P></BODY></HTML> Mon, 27 Mar 2017 20:53:52 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529557#M530726 Jason Kunst 2017-03-27T20:53:52Z https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529558#M530728 <HTML><HEAD></HEAD><BODY><P>Jason is correct. Customers would not be able to directly use the hot patch for ISE 1.2.x (1.2.0 and 1.2.1) so need our TAC to help applying it.</P></BODY></HTML> Mon, 27 Mar 2017 22:57:03 GMT https://community.cisco.com/t5/network-access-control/ise-upgrade-for-cscvd49829/m-p/3529558#M530728 hslai 2017-03-27T22:57:03Z