Solved: CSCuv91356 - IOS XE for Cisco 4000 ISR Routers Privileged EXEC Mode Root Shell Access Vulnerability

NickJones12551 · ‎01-23-2020

Hi. On the bug ID page, for train and first fixed release, there is:
| 3.13S | 3.13.0aS, 3.13.2aS, 3.13.5aS, 3.13.7aS, 3.13.9S |
| 3.16S | 3.16.2aS, 3.16.2bS, 3.16.3S |
| 16.3 | 16.3.5b, 16.3.6 |
| 16.6 | 16.6.3

Would 3.13.1aS be vulnerable? Are there any vulnerable versions between 3.16.2aS and 3.16.2bS (can someone provide an example)? And are there any vulnerable versions between 16.3.5b and 16.3.6 (with an example)?

Thank you.

Leo Laohoo · ‎01-23-2020

Raise a TAC Case -- The information found in the Bug ID and the Security Bulletin is not clear.
NOTE: I wouldn't be going around running a router on the rebuild version of 3.13.1s. Look at the last "digit" of the version: It is a "1". This means it is prone to be buggy.
Look for a version where the last digit is higher than "3", like "4" and above.

View solution in original post

Leo Laohoo · ‎01-23-2020

Raise a TAC Case -- The information found in the Bug ID and the Security Bulletin is not clear.
NOTE: I wouldn't be going around running a router on the rebuild version of 3.13.1s. Look at the last "digit" of the version: It is a "1". This means it is prone to be buggy.
Look for a version where the last digit is higher than "3", like "4" and above.