Cisco AMP bug info wanted

Rick Rowe · ‎11-08-2016

Team, got the email of a bug for amp. Anyone got the BugID, details, or severity? Thx, Rick
Cisco AMP for Endpoints Announcement - AMP for Endpoints Connector downloads --- A bug has been identified in the installer of AMP for Endpoints Connector for Windows between versions 4.2 and 5.0.7. Version 4.1.4 has now been made available for download, which is not affected by this issue. Mac, Linux and Android Connectors are not affected. A new build of the Connector will be provided as soon as possible.

David Janulik · ‎11-09-2016

Rick,

As reported in the announcement, the new build will be provided soon. We will post the CDETS BUG number as soon as we have it.

Cyber security escalation engineer

David Janulik · ‎11-09-2016

The link will be active within 24hours for public visible BUG.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvc04145

Please note that 5.0.7 is now available on the NAM and EU portals, for new install or upgrade.

Cyber security escalation engineer

Rick Rowe · ‎11-09-2016

I tried the bug search for your CSCvc04145 and got: Bug CSCvc04145 does not exist.

My email also showed the 5.0.7 was also affected. Maybe 5.0.8 due soon ?

David Janulik · ‎11-09-2016

The link for the BUG will be active after 24hours, please check the BUG tomorrow.

Please use 5.0.7 version for any new deployments or upgrades.

Cyber security escalation engineer

doran1801 · ‎11-10-2016

I've just deployed 5.0.7 as an upgrade, i have lost device trajectory from the console.

Testing 5.0.7 as a fresh install does not present the same issue.

Any ideas?

David Janulik · ‎11-10-2016

The reason could be a new GUID generated for this device. To investigate further, please open a TAC ticket.

Cyber security escalation engineer

doran1801 · ‎11-10-2016

thanks, hope so, we have a 50k deployment plan for next week, this might really put a spanner in the works if we have to repackage!

ermpower2007 · ‎11-09-2016

Given the announcement came out with a note to downgrade to 4.1 until the bug was resolved it would be nice to know what the bug is given the level of urgency that can be read from your notice.

Well aware the new version is now out but I would still like to know (yesterday) what the issue is/was so I can plan the urgency of the upgrade - would also be annoyed if I had downgraded yesterday to 4.1 only to see the resolution announced today.

Rick Rowe · ‎11-14-2016

Got the bug info now, "Some clients cannot boot after installing AMP for Endpoints Connector for Windows" - CSCvc04145. So the issue is only on deployment? Not on any other reboots after the fact? Now it says the issue is with Windows between versions 4.2 and 5.0.5. Prior and later versions are not affected. So a 507 deployment should be ok? Upgrades not an issue or is that an install also?

stabulic · ‎11-15-2016

The bug was manifesting when the local.xml was corrupted and affecting updates of connectors. But it is now fixed for all versions that you can download from portal. However as always we encourage to use latest connector which is for now 5.0.7.

sorianto · ‎11-15-2016

Hi Rick, all of the "no boot after restart" related issues with the Win-Connector have been resolved. You can go ahead and perform a 5.0.7 deployment for sure.

amuncey@maconnc.org · ‎02-06-2019

I found 2 vulnerabilities today and need to know how to report them for bug bounty. Getting the run around trying to determine eligibility for CISCO amp for endpoints.

Matthew Franks · ‎02-07-2019

The following document may contain the information you're looking for:
https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html

Thanks,

Matt