Cisco ISE 3.4.0.608 Vulnerability

jm-barreto (Level 1)

Greetings 

My vulnerability scan shows that my ISE server has 2 vulnerabilities in version 3.4.0.608:

PKIX-SSH Prefix Truncation Attacks in SSH Specification (Terrapin Attack)

"Update to version 14.4 or later.

  Notes:

  - Client and Server implementations need to run a fixed version to mitigate this flaw

  - Please create an override for this result if an adequate mitigation (e.g. in form of disabling
  the affected ciphers) has been applied and the risk is accepted that the mitigation won't be
  reverted again in the future"

CVE-2023-48795

------------------------------------------------------------------------------------------

SSL/TLS: Renegotiation DoS Vulnerability (CVE-2011-1473, CVE-2011-5094)

"Users should contact their vendors for specific patch information.

  A general solution is to remove/disable renegotiation capabilities altogether from/in the affected
  SSL/TLS service."

CVE-2011-1473, CVE-2011-5094

"The flaw might make it easier for remote attackers to cause a
  DoS (CPU consumption) by performing many renegotiations within a single connection."


Is there any fix or patch upgrade to fix this? I mostly use the ISE for Device Administration (TACACS).


Thanks in advance
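The scanner's Terrapin note says the finding can be overridden once the affected ciphers are disabled. The following is an added example (not from this thread, not Cisco's code, and it says nothing about how the ISE SSH daemon is built) that shows the logic behind that finding: it parses the algorithm name-lists in an SSH_MSG_KEXINIT payload and applies the published Terrapin conditions. It is exploitable when chacha20-poly1305@openssh.com is negotiable or when a CBC cipher can be paired with an Encrypt-then-MAC (*-etm@openssh.com) MAC, and it is mitigated when the server advertises the strict-kex extension kex-strict-s-v00@openssh.com. The three KEXINIT payloads are constructed in the script for illustration; they are not captures from an ISE node.

```python
"""Terrapin (CVE-2023-48795) exposure check on an SSH_MSG_KEXINIT payload.

Added example for this thread; not Cisco's code. The KEXINIT bytes below are
constructed here (hypothetical servers), not captured from an ISE node.
"""
import struct

SSH_MSG_KEXINIT = 20
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"   # strict kex, server side
CHACHA20 = "chacha20-poly1305@openssh.com"

# Name-lists in the order RFC 4253 section 7.1 defines them.
KEXINIT_FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
                  "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")


def _read_name_list(buf, off):
    """Decode one SSH name-list: uint32 length + comma-separated ASCII names."""
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    names = buf[off:off + n].decode("ascii")
    return [x for x in names.split(",") if x], off + n


def parse_kexinit(payload):
    """Return the ten name-lists of a KEXINIT payload as a dict."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off = 1 + 16  # message type byte + 16-byte random cookie
    out = {}
    for field in KEXINIT_FIELDS:
        out[field], off = _read_name_list(payload, off)
    out["first_kex_packet_follows"] = bool(payload[off])
    return out


def assess_terrapin(kexinit):
    """Apply the Terrapin conditions to the algorithms a server advertises."""
    ciphers = set(kexinit["enc_c2s"]) | set(kexinit["enc_s2c"])
    macs = set(kexinit["mac_c2s"]) | set(kexinit["mac_s2c"])
    cbc = {c for c in ciphers if c.endswith("-cbc")}
    etm = {m for m in macs if m.endswith("-etm@openssh.com")}
    chacha = CHACHA20 in ciphers
    cbc_etm = bool(cbc) and bool(etm)
    strict = STRICT_KEX_SERVER in kexinit["kex"]
    # Ciphers to remove from the server config if patching is not an option
    # (the "adequate mitigation" the scanner text refers to).
    to_disable = ({CHACHA20} if chacha else set()) | (cbc if cbc_etm else set())
    return {
        "chacha20_poly1305": chacha,
        "cbc_etm": cbc_etm,
        "strict_kex": strict,
        "vulnerable": (chacha or cbc_etm) and not strict,
        "ciphers_to_disable": sorted(to_disable),
    }


def build_kexinit(kex, hostkey, enc, mac, comp=("none",)):
    """Build a KEXINIT payload; used only to construct sample input here."""
    def name_list(names):
        s = ",".join(names).encode("ascii")
        return struct.pack(">I", len(s)) + s
    body = bytes([SSH_MSG_KEXINIT]) + b"\x00" * 16  # zero cookie: sample data only
    for names in (kex, hostkey, enc, enc, mac, mac, comp, comp, (), ()):
        body += name_list(names)
    return body + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows=0, reserved


# Constructed samples (hypothetical servers, not ISE captures).
UNPATCHED = build_kexinit(
    kex=["curve25519-sha256", "ecdh-sha2-nistp256", "diffie-hellman-group14-sha256"],
    hostkey=["rsa-sha2-512", "ssh-ed25519"],
    enc=[CHACHA20, "aes256-gcm@openssh.com", "aes256-ctr", "aes256-cbc"],
    mac=["umac-64-etm@openssh.com", "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256"],
)
# Same algorithms, but the server now advertises strict kex: patched.
PATCHED = build_kexinit(
    kex=["curve25519-sha256", STRICT_KEX_SERVER],
    hostkey=["ssh-ed25519"],
    enc=[CHACHA20, "aes256-ctr", "aes256-cbc"],
    mac=["hmac-sha2-256-etm@openssh.com"],
)
# No strict kex, but ChaCha20 and CBC removed: the config-level mitigation.
MITIGATED = build_kexinit(
    kex=["curve25519-sha256"],
    hostkey=["ssh-ed25519"],
    enc=["aes256-gcm@openssh.com", "aes256-ctr"],
    mac=["hmac-sha2-256-etm@openssh.com"],
)


def check(payload):
    """Parse a KEXINIT payload and return the Terrapin assessment."""
    return assess_terrapin(parse_kexinit(payload))


if __name__ == "__main__":
    for label, p in (("unpatched", UNPATCHED), ("patched", PATCHED), ("mitigated", MITIGATED)):
        print(label, check(p))
```

To run this against a real host you would feed it the payload of the server's KEXINIT (the first binary packet after the version banner, minus the packet_length, padding_length and padding bytes); a dedicated Terrapin scanner does exactly this handshake for you. Two caveats match the scanner's own notes: strict kex only protects a session when both the client and the server support it, and a configuration-level mitigation (no ChaCha20, no CBC with EtM) must survive future upgrades and config restores or the finding comes back.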

2 Replies

What patch level of 3.4? Note that Cisco uses a customized version of OpenSSH. These are most likely false positives.

Hi @jm-barreto,

please take a look at: Cisco Security Advisories - Identity Services Engine.

Note: I didn't find CVE-2011-1473, CVE-2011-5094 or CVE-2023-48795.

Hope this helps!!!