Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3460
Views
5
Helpful
2
Replies

ISE Azure Vulnerabilites

tcp_analysis_flags_eq_1
Level 1
Level 1

‎01-13-2022 07:33 AM

Security scan has flagged a Vulnerability on ISE: CVE-2011-3389 TLS/SSL Server is enabling the Beast attack. But I cannot see any remediation from Cisco and I saw https://quickview.cloudapps.cisco.com/quickview/bug/CSCul12855 and ISE is not part of the affected product. Any ideas on how to remediate the issue?

 

The ISE instance is currently in Azure, so Im thinking that its the actual VM where the ISE is hosted that has the vulnerability and not the actual ISE, the current instance version is 2.4.0.35.

 

Any help will be appreciated  

0 Helpful
2 Replies 2

thomas
Cisco Employee
Cisco Employee

‎01-18-2022 12:33 PM

First, have you installed the latest Patch #14 for ISE 2.4.0.357 from https://cs.co/ise-software to see if it is still a problem?

Also, ISE is not supported in Azure today unless you are using ISE 3.x on VMware Cloud.

I don't understand "its the actual VM where the ISE is hosted that has the vulnerability and not the actual ISE".

Please confirm that it is the ISE box or another VM in Azure.

 

0 Helpful

hslai
Cisco Employee
Cisco Employee

‎01-30-2022 08:27 AM

CSCul12855 is on Cisco TelePresence Video Communication Server (VCS), Cisco TelePresence Video Communication Server Software, but not on ISE.

For ISE, please refer to CSCty91856 and CSCui72263.

 

Customers Also Viewed These Support Documents