Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
599
Views
20
Helpful
3
Replies

CSCvg76186 - Cisco Smart Install Remote Code Execution and Denial of Service Vulnerability - 6

VAIBHAVBHARDWAJ30047
Level 1
Level 1

‎09-25-2019 09:11 PM

I have two cisco WS-C4507R+E (MPC8572) processor (revision 11), currently running with system image  "bootflash:cat4500e-universal.SPA.03.06.07.E.152-2.E7.bin"

 

I want to fix this vulnerability, kindly suggest firmware or system image version which has the fix. If possible kindly provide the link for download.

 

I have attached the file for more detail.

 

Thank you.

Labels:
Preview file
2 KB
3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

‎09-25-2019 11:30 PM

Use the command "no vstack" or "no vstack config" to disable this feature.

VAIBHAVBHARDWAJ30047
Level 1
Level 1
In response to Leo Laohoo

‎09-25-2019 11:42 PM

Thanks. I have one more query. If I disable this feature then this vulnerability will be detected by security tools which are used to find vulnerabilities?

 

What is your opinion?

Leo Laohoo
Hall of Fame
Hall of Fame
In response to VAIBHAVBHARDWAJ30047

‎09-26-2019 01:25 AM

Smart Install isn't just switches. It is switches and routers.
The command must be added to all routers and switches.
If you really want to do an IOS upgrade, then look for IOS/IOS-XE files that were published AFTER June 2018. IOS files published after June 2018 does not support Smart Install.
Customers Also Viewed These Support Documents