Re: DNAC 2.2.3.4 and Python version

roberto.tyf · ‎03-08-2022

The Python that is installed, is on version Python 2.7.17, which is end of life and not supported anymore, so it flags in vulnerability scans, like NESSUS scan as "Python Unsupported Version Detection". Is there any plans for the DNAc to use a supported or latest version of Python?

Flavio Miranda · ‎03-08-2022

Well, you may see that there´s the command pip in your DNAC cli. which means, you can upgrade your Python from that. However, you DNAC must have internet access.

In the same way, the vulnerabilities you mentioned, will be exploited only if your server is wide open on the internet.

Dan Rowe · ‎03-09-2022

2.2.3.4 has both Python 2.7.17 and 3.6.9

$ python --version

Python 2.7.17

$ python3 --version

Python 3.6.9

Parthiv Shah · ‎03-09-2022

Never install PIP or any other software from community or outside. If you do that then you have an excellent recipe for your Cisco DNAC upgrade to fail or unexpected behavior.

If you have to report any vulnerabilities, open Service request with TAC or ask question here but DO NOT modify things on your own.

roberto.tyf · ‎03-10-2022

report this issue with TAC, and they openned a defect:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa64085

No workaround for the moment.

robertg1234 · ‎05-18-2022

Pending fix, I need to block/disable the port. How do I do that? Thanks!