12-14-2021 01:58 AM
For a highly critical, severe issue, Cisco is not very responsive to the questions.
When can we expect to have a fix or workaround?
Please keep us customers informed about the progress.
12-14-2021 02:24 AM
@Groenigen wrote:
Please keep us customers informed about the progress.
The security bulletin can be found here: Vulnerability in Apache Log4j Library Affecting Cisco Products
Currently, the bulletin is updated three times daily.
12-14-2021 02:36 AM
Hi Leo, I know that. But on the affected product sites there are no updates and no replies to the customer questions.
12-14-2021 02:40 AM - edited 12-14-2021 03:19 AM
@Groenigen wrote:
no replies to the customer questions.
If replies you want then you have but two choices: Raise a TAC Case and/or reach out to your Cisco AM/SE.
@Groenigen wrote:
But on the affected product sites there are no updates
Currently, this security bulletin is updated three times daily -- 1500 UTC/10:00 AM ET, 1900 UTC/2:00 PM ET, 2300 UTC/6:00 PM ET.
Next, scroll down to the bottom of the page to the Revision History section. There, the list of changes to this security bulletin is listed.
(We stood up a "crisis team" since Saturday. We are in the same boat with everyone on board. I would rather Cisco takes their time to address the fixes than rush an untested patch that could introduce more bugs or open more vulnerabilities.)
12-14-2021 10:11 AM
@Leo Laohoo does this impact all the versions of Cisco ISE or any specific versions only?
12-14-2021 06:37 PM
@Network_Sarovani wrote:
@Leo Laohoo does this impact all the versions of Cisco ISE or any specific versions only?
I am going to presume it will affect ALL Cisco ISE versions (regardless of patch number).
For updated clarification, raise a TAC Case.
12-15-2021 09:10 AM - edited 12-15-2021 09:16 AM
12-15-2021 09:15 AM
Hi all,
Cisco confirmed that all ISE versions are affected and there are dates for the updates:
Hotfix for 2.4 (17 Dec 2021)
Hotfix for 2.6 (17 Dec 2021)
Hotfix for 2.7 (16 Dec 2021)
Hotfix for 3.0 (16 Dec 2021)
Hotfix for 3.1 (18 Dec 2021)
You can find details here:
If you find it's helpful, make it, so others can find it quickly.
12-15-2021 08:02 PM - edited 12-15-2021 08:03 PM
12-16-2021 04:21 AM - edited 12-16-2021 04:31 AM
I opened a TAC case with Cisco regarding version 2.6 and 3.0. The TAC engineer is absolutely clueless. The TAC engineer told me that there is no ETA on the patch release, he didn't even know that Cisco released the patch for 2.4 - 3.0 this morning:
ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz
ise-rollback-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz
Support from TAC is not very good
12-16-2021 04:53 AM
@adamscottmaster2013 wrote:
I opened a TAC case with Cisco regarding version 2.6 and 3.0. The TAC engineer is absolutely clueless. The TAC engineer told me that there is no ETA on the patch release, he didn't even know that Cisco released the patch for 2.4 - 3.0 this morning:
Contact your Cisco AM/SE.
12-16-2021 08:59 AM
I just applied the fix to my Cisco ISE 2.6 and the patch was successfully installed but now I can no longer log into the ISE. I typed in my username and password and it stuck at "loading".
This is not good. You wonder how much QA has Cisco put into testing this thing.
12-16-2021 01:56 PM
@adamscottmaster2013 wrote:
You wonder how much QA has Cisco put into testing this thing.
With all the panic happening around, there is not enough time to test the patches against some of the known installation variables.
We did ours last night and we did not encounter any issues.
I recommend raising a TAC Case.
12-27-2021 06:11 AM
LOL... You must be working for Cisco.
What you're saying is that rush out the patch and break customer systems and let the customers deal with them?
12-27-2021 04:42 PM
@adamscottmaster2013 wrote:
What you're saying is that rush out the patch and break customer systems and let the customers deal with them?
No, that is not what I said.
If the ISE cluster broke, raise a TAC Case.
The patches did not break EVERYONE's deployment. It only broke a few.
@adamscottmaster2013 wrote:
You must be working for Cisco.
No, I do not.