04-19-2022 04:30 AM
Hi,
I am looking to see if my installed version of DNAC 2.2.3.4 is vulnerable to Spring4Shell.
The CVE: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb43648
It mentions 2.3.3.3 and DNAC-Ghost(unknown) and DNAC-Guardian(2.3.3.x) are vulnerable but I cannot see if 2.2.3.4 are hit as well.
Does anyone have any info on this?
Solved! Go to Solution.
04-20-2022 11:42 PM
It seems like only the 2.3.x.x line is hit so fare. Or at least only verified to be hit.
View solution in original post
04-19-2022 06:02 AM - edited 04-19-2022 06:05 AM
I rely on : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67 in this situation and they mention DNAC but they dont fill up the version. We can see that they are still working on it as some platform has fixed release yet to be anounced.
I will keep an eye on it as well. Thanks for share.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
