10-22-2018 02:12 AM
Hello Gurus
i'm confused with mitigation information given in Cisco Advisory & Bugsearch pages for the CSCvh65876
On Advisory (https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-wlc-gui-privesc) it's said:
Cisco Wireless LAN Controller Major Software Release |
First Fixed Release for This Vulnerability | Recommended Release for This Vulnerability |
---|
8.3 | Available from TAC1 | Available from TAC1 |
while on Bugsearch (https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvh65876) it's said that there are Fixed releases are available already (f.e. 8.3(143.6)). Also single Known Affected Releases 8.7(1.115) mentioned on the Bugsearch page obviously doesnt match 8.3 as mentioned in Advisory... Could anybody clarify on this please?
Solved! Go to Solution.
10-22-2018 03:07 AM
Never look at the details in the Bug ID: They are seldom updated and rarely accurate.
Always look at the Security Bulletin because it is regularly update.
The fix is to use the latest 8.5.X.X image, 8.5.135.0.
If you need to use 8.3.X.X then contact TAC so they can provide you an Engineering Release.
10-22-2018 03:07 AM
Never look at the details in the Bug ID: They are seldom updated and rarely accurate.
Always look at the Security Bulletin because it is regularly update.
The fix is to use the latest 8.5.X.X image, 8.5.135.0.
If you need to use 8.3.X.X then contact TAC so they can provide you an Engineering Release.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: