Solved: Re: ISE Apache

zhiyuali · ‎01-09-2018

Who could tell me how to check the apache version in the ISE device?

Jason Kunst · ‎01-10-2018

This is not available via the CLI or open to someone directly that I know of. However you can check this document.

Can you tell us the concern?

https://www.cisco.com/c/dam/en/us/td/docs/security/ise/2-3/open_source/Cisco_Identity_Services_Engine_2_3.pdf

View solution in original post

Jason Kunst · ‎01-10-2018

This is not available via the CLI or open to someone directly that I know of. However you can check this document.

Can you tell us the concern?

https://www.cisco.com/c/dam/en/us/td/docs/security/ise/2-3/open_source/Cisco_Identity_Services_Engine_2_3.pdf

zhiyuali · ‎01-10-2018

Thanks for your reply.

If customer want to fix some bugs about apache, could you please tell me how to do it ?

Jason Kunst · ‎01-10-2018

Please work through the TAC

Craig Hyps · ‎01-10-2018

Note that as a hardened appliance, not a general purpose web server, there may be vulnerabilities which will not be applicable to ISE. For items where ISE is deemed vulnerable, we do issue security updates for open source code in our patches. Issues of very serious nature are flagged by PSIRTS.

zhiyuali · ‎01-11-2018

Thanks for your reply. Does it mean Apache vulnerable is not harmful for ISE?

Craig Hyps · ‎01-11-2018

It would depend on the issue/vulnerability. Some network ports or functions of code may not be enabled, used, or exposed externally.