cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
934
Views
10
Helpful
1
Replies
Beginner

CSCvh32390 - Evaluation of n7k-platform for CPU Side-Channel Information Disclosure Vulnerabil

What if the IOS version is lower than the known affected release (8.2.1)? Is still affected by this exploit? Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
Beginner

Re: CSCvh32390 - Evaluation of n7k-platform for CPU Side-Channel Information Disclosure Vulnerabil

I had this same question and directed my queries to TAC. The below is their response:

 

"The OAC feature was first introduced in version 7.3(0)D1(1). The bash-shell feature, which provides access directly to the kernel of the switch, is introduced in version 8.1(1). Please keep in mind that only admin users have access to either of those features and non-privileged users will not be able to take advantage of those vulnerabilities. If you do not run either of those features, you are not vulnerable to either Meltdown or Spectre.

Particularly, you are vulnerable to those two from 7.3(0)D1(1) if you are using the OAC feature."

 

So as long as you do not have the features enabled, then you should not be vulnerable to the bugs. 

1 REPLY 1
Beginner

Re: CSCvh32390 - Evaluation of n7k-platform for CPU Side-Channel Information Disclosure Vulnerabil

I had this same question and directed my queries to TAC. The below is their response:

 

"The OAC feature was first introduced in version 7.3(0)D1(1). The bash-shell feature, which provides access directly to the kernel of the switch, is introduced in version 8.1(1). Please keep in mind that only admin users have access to either of those features and non-privileged users will not be able to take advantage of those vulnerabilities. If you do not run either of those features, you are not vulnerable to either Meltdown or Spectre.

Particularly, you are vulnerable to those two from 7.3(0)D1(1) if you are using the OAC feature."

 

So as long as you do not have the features enabled, then you should not be vulnerable to the bugs. 

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards