Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3093
Views
1
Helpful
7
Replies

SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE

Go to solution
Hiago Mendes
Level 1
Level 1

‎05-08-2023 11:29 AM

Hi everyone! I had received a security report from Cisco for SNMP vulnerabilities that can affect devices running SNMP versions 1, 2c and 3. The report is here (REPORT CISCO)

The following MIBs are vulnerable:

  • ADSL-LINE-MIB
  • ALPS-MIB
  • CISCO-ADSL-DMT-LINE-MIB
  • CISCO-BSTUN-MIB
  • CISCO-MAC-AUTH-BYPASS-MIB
  • CISCO-SLB-EXT-MIB
  • CISCO-VOICE-DNIS-MIB
  • CISCO-VOICE-NUMBER-EXPANSION-MIB
  • TN3270E-RT-MIB

The question is.... If I type "sh snmp mib | b [MIB NAME]" and it doesnt appears... Can I assume my device is NOT running that MIB? I'm right?

Example:

Router#sh snmp mib | b CISCO-VOICE-NUMBER-EXPANSION-MIB

Router#

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Hiago Mendes

‎05-09-2023 03:34 PM

Looks your version is effected  - upgrade to 12.4(2)TXX

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp#fs

check section -  Cisco IOS and IOS XE Software  (by entering your IOS version )

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

7 Replies 7

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎05-08-2023 11:49 AM

may be not necessary that is correct.

can you post  show version and show run | inc snmp

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Hiago Mendes
Level 1
Level 1
In response to balaji.bandi

‎05-08-2023 12:00 PM

Its not one device but dozens. But one for example:


[...]

#show ver

Cisco IOS Software, 3800 Software (C3825-ADVENTERPRISEK9_SNA-M), Version 12.4(15)T, RELEASE SOFTWARE (fc3)

[...]

#sh run

[...]

snmp-server host x.x.x.x commkey
snmp-server host x.x.x.x version 2c commkey
snmp-server host x.x.x.x commkey2

[...]

snmp-server host x.x.x.x version 3 priv office

[...]

 

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Hiago Mendes

‎05-09-2023 03:34 PM

Looks your version is effected  - upgrade to 12.4(2)TXX

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp#fs

check section -  Cisco IOS and IOS XE Software  (by entering your IOS version )

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
shamrozakram18
Level 1
Level 1

‎05-17-2023 02:14 PM

SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE allow attackers to execute arbitrary code remotely on affected devices. The vulnerabilities affect certain versions of IOS and IOS XE and can be exploited by authenticated or unauthenticated attackers with network access. Cisco has released patches to address these vulnerabilities.

0 Helpful

Go to solution
Hiago Mendes
Level 1
Level 1
In response to shamrozakram18

‎05-19-2023 05:34 AM

These patches can be installed by updating IOS?

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to Hiago Mendes

‎06-25-2024 10:55 PM

IOS and IOS XE different, 

These patches can be installed by updating IOS?

not sure what patches we are referring here, you mean you can download ODI ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
songohan3548
Level 1
Level 1

‎06-06-2025 07:21 PM

Yes, you're right — if you run sh snmp mib | b [MIB NAME] and the MIB doesn't appear, it's a good indication that the device is not using or supporting that specific MIB. However, to be certain, also check the SNMP configuration and active features on the device.

0 Helpful
Customers Also Viewed These Support Documents
Top