cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
481
Views
2
Helpful
3
Replies

CSCvx64514 - Cisco IOS XE Software for Cisco Catalyst Switches Informa

Ernesto.Avila
Level 1
Level 1

Regarding this bug, Does the password-recovery disable feature should be disabled in order to exploit this vulnerability?

Determine Whether the Password-Recovery Disable Feature is Enabled

To determine whether the password-recovery disable feature is enabled, log in to the device and use the show romvar | include SWITCH_DISABLE_PASSWORD_RECOVERY CLI command. The following example shows the output of a device that has the password-recovery disable feature enabled (SWITCH_DISABLE_PASSWORD_RECOVERY value is "1"):

Switch# show romvar | include SWITCH_DISABLE_PASSWORD_RECOVERY
SWITCH_DISABLE_PASSWORD_RECOVERY="1"

If the value is "0" or the SWITCH_DISABLE_PASSWORD_RECOVERY is not shown in the show romvar CLI command, the password-recovery disable feature is not enabled.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO

1 Accepted Solution

Accepted Solutions

Leo Laohoo
Hall of Fame
Hall of Fame

It should be set to 0.

View solution in original post

3 Replies 3

Leo Laohoo
Hall of Fame
Hall of Fame

It should be set to 0.

networkopwest
Level 1
Level 1

How to set 0, appreciate if you can provide the CLI to set 0

 

conf t
 no system ignore startupconfig switch all
end
wr