Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
738
Views
5
Helpful
1
Replies

CSCvi42331 - Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability

hz
Level 1
Level 1

‎03-26-2019 08:09 AM

our Nexus 7700 series are running at below code, I am wondering if a upgrade is needed? because I don't notice the current code is affected or not.

 

Software
  BIOS:      version 3.1.0
  kickstart: version 7.3(2)D1(1)
  system:    version 7.3(2)D1(1)
  BIOS compile time:       02/27/2013
  kickstart image file is: bootflash:///n7700-s2-kickstart.7.3.2.D1.1.bin
  kickstart compile time:  6/30/2017 23:00:00 [06/29/2017 00:56:25]
  system image file is:    bootflash:///n7700-s2-dk9.7.3.2.D1.1.bin
  system compile time:     6/30/2017 23:00:00 [06/29/2017 03:08:28]


Hardware
  cisco Nexus7700 C7706 (6 Slot) Chassis ("Supervisor Module-2")
  Intel(R) Xeon(R) CPU         with 32940104 kB of memory.
  Processor Board ID JAE20470388

0 Helpful
1 Reply 1

Andrea Testino
Cisco Employee
Cisco Employee

‎04-01-2019 08:41 AM

Hi there,

 

7.3(2)D1(1) would be affected by this vulnerability. If you visit the security advisory site referenced in the bug: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190306-nxos-file-access you can see that the first fixed release listed for N7K/N77 is 7.3(3)D1(1).

 

Hope that helps!

- Andrea, CCIE #56739 R&S
Customers Also Viewed These Support Documents