Cisco Community
English
Register
Great changes are coming to Cisco Community in July. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
1381
Views
35
Helpful
5
Replies
dgoodenberger
Beginner
Beginner
‎12-14-2021 09:35 AM
‎12-14-2021 09:35 AM

CSCwa47322 - Eval of enterprise_sdn for Log4j RCE (Log4Shell) Vuln

Are Shockwave/Fury/Cyclops internal code names for DNAC releases?  Would you please provide version numbers as well, so I have something to compare against my installed version?  Thanks!

Labels:
2 people had this problem
0 Helpful
1 ACCEPTED SOLUTION

Accepted Solutions
Tomas de Leon
Cisco Employee
Cisco Employee
‎12-14-2021 10:25 AM
‎12-14-2021 10:25 AM 

Known Affected Releases (4)
DNAC-Cyclops (2.1.2.0, 2.1.2.3, 2.1.2.4, 2.1.2.5, 2.1.2.6, 2.1.2.7)
DNAC-Fury (2.2.2.0, 2.2.2.1, 2.2.2.3, 2.2.2.4, 2.2.2.5, 2.2.2.6, 2.2.2.7)
DNAC-Shockwave (2.2.3.0, 2.2.3.3)
DNAC-Frey (2.3.2.0)
DNAC-Guardian (not available yet and not versioned)

 

Updates will be refreshed here:

Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd?s=09

Cisco DNA Center (CSCwa47322)
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47322

 

View solution in original post

5 REPLIES 5
Tomas de Leon
Cisco Employee
Cisco Employee
‎12-14-2021 10:25 AM
‎12-14-2021 10:25 AM 

Known Affected Releases (4)
DNAC-Cyclops (2.1.2.0, 2.1.2.3, 2.1.2.4, 2.1.2.5, 2.1.2.6, 2.1.2.7)
DNAC-Fury (2.2.2.0, 2.2.2.1, 2.2.2.3, 2.2.2.4, 2.2.2.5, 2.2.2.6, 2.2.2.7)
DNAC-Shockwave (2.2.3.0, 2.2.3.3)
DNAC-Frey (2.3.2.0)
DNAC-Guardian (not available yet and not versioned)

 

Updates will be refreshed here:

Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd?s=09

Cisco DNA Center (CSCwa47322)
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47322

 

Sylvain_Che
Beginner
Beginner
‎12-23-2021 06:35 AM
‎12-23-2021 06:35 AM

@Tomas de LeonDNAC2.2.2.8 is marked both as Affected and Fixed release.

Can you please confirm if this release is affected or not?

 

Thanks.

Sylvain.

0 Helpful
Tomas de Leon
Cisco Employee
Cisco Employee
In response to Sylvain_Che
‎12-23-2021 07:09 AM
‎12-23-2021 07:09 AM

Sylvain,

That is a glitch in the reporting and is to be fixed.

Please refer to:

 

Release Notes for Cisco DNA Center, Release 2.2.2.x
https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/2-2-2/release_notes/b_cisco_dna_center_rn_2_2_2.html#Cisco_Concept.dita_1aac2b20-6a07-4b8c-b77e-0e8a218d50a3

 

CSCwa47322 - Evaluation of enterprise_sdn for Log4j RCE (Log4Shell) Vulnerability vulnerability
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47322

 

RN-CiscoDNACenter2.2.2.8.png

wanwa01
Beginner
Beginner
‎12-29-2021 06:07 PM
‎12-29-2021 06:07 PM

Hi guys,

I got DNAC box running 1.3.3.7

can someone pls confirm if this version affected as well? It seems no stated in the affected list.

0 Helpful
Tomas de Leon
Cisco Employee
Cisco Employee
In response to wanwa01
‎12-29-2021 07:18 PM
‎12-29-2021 07:18 PM

Yes, 1.3.3.x is affected.

A would suggest planning your maintenance windows so that you can upgrade to either versions 2.2.2.8 or 2.2.3.4.

0 Helpful
Latest Contents
Cisco Champion Radio: Cisco Validated Delivers Value
Created by Amilee San Juan on 03-30-2022 03:15 PM
0
0
0
0
Listen: https://smarturl.it/CCRS9E12Follow us: https://twitter.com/CiscoChampion  Do you have the responsibility to prepare, plan, design, implement, and operate complex solution environments? If so, you understand the need to leverage any available ... view more
Introduction to Guided Workflow
Created by Buddy Priest on 03-03-2022 06:20 AM
0
0
0
0
Introduction to Guided Workflow Guided Workflow is a new addition to case creation in Support Case Manager to augment the Intelligent RMA Experience. The objective of Guided Workflow is to to collect all pertinent case and RMA details to AUTOMATE RMA crea... view more
UCS Guided Workflow Experience
Created by Buddy Priest on 09-14-2021 10:31 AM
0
0
0
0
Guided workflow allows for automated troubleshooting cases (non-RMA) and RMA creation process for Service Requests (SR) opened for Cisco products. Customer Benefits: Less troubleshooting - the IRE (Intelligent RMA Experience) Prediction Engine does ... view more
Asset Recovery EMEAR Guide
Created by achernev on 06-17-2021 06:27 AM
0
0
0
0
1. Asset Recovery EMEAR - Scope2. Cisco Returns Portal – Quick Overview3. Update your RMA – Options and Walkthrough4. POWR Tool and How to Return - Quick guide and Scenarios5. Returned but not closed - Frequent Scenarios6. I cannot return my faulty part. ... view more
CSCud62892 - UCCX Maximum Length of Agent IDs Inconsistent
Created by Michael Hargrove on 04-14-2021 10:20 AM
0
5
0
5
This issue has been resolved in 12.5(1) SU1 Unified CCX now supports Agent ID with 64 alphanumeric characters.
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad