05-08-2018 06:44 AM - edited 03-17-2019 12:46 PM
Hi ,
Could any one help me to identify this ios version 15.1(4)M12a is affected by
Vulnerable to CVE ID-2018-0171
Vulnerable to CVE ID-2018-0150
Vulnerable to CVE ID-2018-0151
I tried with the Cisco vulnerability checker .However it didn't populate any result.
Solved! Go to Solution.
05-08-2018 01:25 PM
Hi there
Vulnerable to CVE ID-2018-0171
Vulnerable Products
This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or IOS XE Software and have the Smart Install client feature enabled.
Only Smart Install client switches are affected by the vulnerability that is described in this advisory. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability.
For a list of devices that support Smart Install, see Smart Install Configuration Guide - Supported Devices.
For information about which Cisco IOS and IOS XE Software releases are vulnerable, see the Fixed Software section of this advisory.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2
Smart Install client functionality is enabled by default on switches that are running Cisco IOS Software releases that have not been updated to address Cisco bug ID CSCvd36820.
Vulnerable to CVE ID-2018-0150
Vulnerable Products
This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software Release 16.x. This vulnerability does not affect Cisco IOS XE Software releases prior to Release 16.x.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xesc
Vulnerable to CVE ID-2018-0151
The device may be affected by this vulnerability if the show udp command returns output similar to the following example:
Router> show udp
Proto Remote Port Local Port In Out Stat TTY OutputIF
17 0.0.0.0 0 --any-- 18999 0 0 11 0
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-qos
Hope this helps!
Cheers
Rath!
***Please rate helpful posts***
05-08-2018 01:25 PM
Hi there
Vulnerable to CVE ID-2018-0171
Vulnerable Products
This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or IOS XE Software and have the Smart Install client feature enabled.
Only Smart Install client switches are affected by the vulnerability that is described in this advisory. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability.
For a list of devices that support Smart Install, see Smart Install Configuration Guide - Supported Devices.
For information about which Cisco IOS and IOS XE Software releases are vulnerable, see the Fixed Software section of this advisory.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2
Smart Install client functionality is enabled by default on switches that are running Cisco IOS Software releases that have not been updated to address Cisco bug ID CSCvd36820.
Vulnerable to CVE ID-2018-0150
Vulnerable Products
This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software Release 16.x. This vulnerability does not affect Cisco IOS XE Software releases prior to Release 16.x.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xesc
Vulnerable to CVE ID-2018-0151
The device may be affected by this vulnerability if the show udp command returns output similar to the following example:
Router> show udp
Proto Remote Port Local Port In Out Stat TTY OutputIF
17 0.0.0.0 0 --any-- 18999 0 0 11 0
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-qos
Hope this helps!
Cheers
Rath!
***Please rate helpful posts***
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide