CSCvg56762 - Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability

Christian Jorge
Level 1

Good morning

Advisory informs: "At the time of publication, this vulnerability affected Cisco routers running a vulnerable release of Cisco IOS or IOS XE Software with the RADIUS Change of Authorization feature configured"

and also "there's no workaround".

How can I check in IOS-XE if this "RADIUS Change of Authorization feature" is really configured or active on device?

Regards

Christian


Leo Laohoo
Hall of Fame

Read Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability and scroll down to the bottom of the page where one can check if the IOS/IOS-XE is affected by this bug (or not).

Marvin Rhoads
Hall of Fame

@Leo Laohoo's suggestion will tell if your IOS-XE is potentially vulnerable.

If you have configured the global command "dot1x system-auth-control" and related interface commands (typically used with ISE or other NAC solution) then the vulnerability is active on your device.

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-xe-3se-3850-cr-book/sec-d1-xe-3se-3850-cr-book_chapter_01.html#wp1782812608

The command that you are looking for is if "aaa server radius dynamic-author" is configured. The RADIUS implementation on the IOS device won't be listening for COA messages otherwise.
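
The configuration check described in the replies above, written as an added example that is not part of any poster's reply or of Cisco's tooling: it scans a saved running-config for the `aaa server radius dynamic-author` block and lists the CoA clients and port configured under it. The function name `audit_coa` and both sample configs are constructed for illustration; it assumes the config is available as plain text with sub-commands indented under their parent, as `show running-config` prints them.

```python
# Constructed sample running-config fragments (not from a real device).
SAMPLE_COA = """\
aaa new-model
dot1x system-auth-control
!
aaa server radius dynamic-author
 client 192.0.2.10 server-key 7 <redacted>
 client 192.0.2.11 vrf MGMT server-key 7 <redacted>
 port 3799
!
interface GigabitEthernet1/0/1
 authentication port-control auto
"""

SAMPLE_NO_COA = """\
aaa new-model
dot1x system-auth-control
!
interface GigabitEthernet1/0/1
 dot1x pae authenticator
"""

def audit_coa(config: str) -> dict:
    """Report whether the CoA listener block is present in a running-config."""
    result = {"coa_enabled": False, "clients": [], "port": None,
              "dot1x_global": False}
    in_block = False
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line.startswith(" "):
            # A top-level command ends whatever sub-mode we were in.
            in_block = line == "aaa server radius dynamic-author"
            if in_block:
                result["coa_enabled"] = True
            if line == "dot1x system-auth-control":
                result["dot1x_global"] = True
            continue
        if in_block:
            words = line.split()
            if words[0] == "client" and len(words) > 1:
                result["clients"].append(words[1])   # CoA sender allowed
            elif words[0] == "port" and len(words) > 1:
                result["port"] = int(words[1])       # explicit listener port
    return result

if __name__ == "__main__":
    for name, cfg in (("coa", SAMPLE_COA), ("no-coa", SAMPLE_NO_COA)):
        print(name, audit_coa(cfg))
```

A device that reports `dot1x_global` true but `coa_enabled` false has 802.1X enabled without the dynamic-author block, which is the case the last reply distinguishes.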