01-22-2018 10:47 PM - edited 03-20-2019 09:50 PM
What if the IOS version is lower than the known affected release (8.2.1)? Is still affected by this exploit? Thanks!
Solved! Go to Solution.
01-31-2018 07:11 AM
I had this same question and directed my queries to TAC. The below is their response:
"The OAC feature was first introduced in version 7.3(0)D1(1). The bash-shell feature, which provides access directly to the kernel of the switch, is introduced in version 8.1(1). Please keep in mind that only admin users have access to either of those features and non-privileged users will not be able to take advantage of those vulnerabilities. If you do not run either of those features, you are not vulnerable to either Meltdown or Spectre.
Particularly, you are vulnerable to those two from 7.3(0)D1(1) if you are using the OAC feature."
So as long as you do not have the features enabled, then you should not be vulnerable to the bugs.
01-31-2018 07:11 AM
I had this same question and directed my queries to TAC. The below is their response:
"The OAC feature was first introduced in version 7.3(0)D1(1). The bash-shell feature, which provides access directly to the kernel of the switch, is introduced in version 8.1(1). Please keep in mind that only admin users have access to either of those features and non-privileged users will not be able to take advantage of those vulnerabilities. If you do not run either of those features, you are not vulnerable to either Meltdown or Spectre.
Particularly, you are vulnerable to those two from 7.3(0)D1(1) if you are using the OAC feature."
So as long as you do not have the features enabled, then you should not be vulnerable to the bugs.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: