03-15-2017 11:58 AM
Ok, WTH does this mean: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd49829
Releases 1.2, 1.3, 1.4 and 2.x are affected. A hot patch for these releases will be provided by the 18th of March.
The hot patch will only work on the latest release for each train. Customers need to upgrade to the latest release before applying the patch
Customers run 2.0 patch 4, is that the ‘latest release for that train’? Or are they demanding 2.2? Or 2.0.1? Or, we have to wait until March 18th to find out?
Solved! Go to Solution.
03-16-2017 04:46 AM
This means that you have to be running the latest patch for your version.
ISE 2.0 Patch 4
ISE 2.0.1 Patch 3
ISE 2.1 Patch 3
ISE 2.2 No Current Patches
You do NOT have to upgrade your version of ISE to install the Hotfix.
03-16-2017 04:46 AM
This means that you have to be running the latest patch for your version.
ISE 2.0 Patch 4
ISE 2.0.1 Patch 3
ISE 2.1 Patch 3
ISE 2.2 No Current Patches
You do NOT have to upgrade your version of ISE to install the Hotfix.
03-16-2017 10:29 AM
Thanks Charles!
Lou
03-20-2017 02:17 AM
Hi,
March 18 has passed, where can the hot patch be found?
Thanks
Gert
03-20-2017 10:37 AM
what version of ISE?
03-20-2017 11:45 AM
03-20-2017 11:57 AM
No need to open TAC cases for this. The patches will be available at CCO. Please see the ISE entry @ Apache Struts2 Jakarta Multipart Parser File Upload Code Execution Vulnerability Affecting Cisco Products to track its availability.
03-22-2017 07:36 PM
My customer uses ISE version 1.2.1.198 ,is that the ‘latest release for that train’?
and I haven't installed all patch Version ,Do I need to install the latest patch?
thank you
cheer
03-23-2017 08:20 AM
Yes you will need to update to latest patch.
http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html#pgfId-637191
Also work with them to get off ISE 1.2
03-23-2017 11:17 PM
HI Jason,
My customer uses ISE version 1.2.1.198 ,is that the ‘latest release for that train’?
Do I need to upgrade the version before I install install the latest patch?
THANK YOU
03-24-2017 09:19 AM
As stated before please refer to the release notes, patch 8 is the latest patch and yes you will need to install that, 1.2.1.198 is the version of ISE not the patch version, please again read the release notes
http://www.cisco.com/c/en/us/td/docs/security/ise/1-2/release_notes/ise12_rn.html#pgfId-637191
03-24-2017 05:35 PM
03-24-2017 05:43 PM
Refresh the browser? They are under Struts2-CVE-Fixes.
03-25-2017 05:00 AM
03-25-2017 10:33 AM
To patch ISE 1.2.x needs Cisco TAC assistant. Please open a TAC case, if not already done.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide