01-13-2022 07:33 AM
Security scan has flagged a Vulnerability on ISE: CVE-2011-3389 TLS/SSL Server is enabling the Beast attack. But I cannot see any remediation from Cisco and I saw https://quickview.cloudapps.cisco.com/quickview/bug/CSCul12855 and ISE is not part of the affected product. Any ideas on how to remediate the issue?
The ISE instance is currently in Azure, so Im thinking that its the actual VM where the ISE is hosted that has the vulnerability and not the actual ISE, the current instance version is 2.4.0.35.
Any help will be appreciated
01-18-2022 12:33 PM
First, have you installed the latest Patch #14 for ISE 2.4.0.357 from https://cs.co/ise-software to see if it is still a problem?
Also, ISE is not supported in Azure today unless you are using ISE 3.x on VMware Cloud.
I don't understand "its the actual VM where the ISE is hosted that has the vulnerability and not the actual ISE".
Please confirm that it is the ISE box or another VM in Azure.
01-30-2022 08:27 AM
CSCul12855 is on Cisco TelePresence Video Communication Server (VCS), Cisco TelePresence Video Communication Server Software, but not on ISE.
For ISE, please refer to CSCty91856 and CSCui72263.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide