I am looking to see if my installed version of DNAC 184.108.40.206 is vulnerable to Spring4Shell.
The CVE: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwb43648
It mentions 220.127.116.11 and DNAC-Ghost(unknown) and DNAC-Guardian(2.3.3.x) are vulnerable but I cannot see if 18.104.22.168 are hit as well.
Does anyone have any info on this?
Go to Solution.
It seems like only the 2.3.x.x line is hit so fare. Or at least only verified to be hit.
View solution in original post
I rely on : https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67 in this situation and they mention DNAC but they dont fill up the version. We can see that they are still working on it as some platform has fixed release yet to be anounced.
I will keep an eye on it as well. Thanks for share.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: