Messaging Quick Link Error after applying hot patch

Have 3 nodes running v3.2 Patch 7

1 node in Azure

2 nodes physical devices

Applied this hotpatch to the Azure node

Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-aws-static-cred-FPMjUcm7

Now I am getting an alert Quick Link Error/Messaging Service Cause={auth_failure;"access_refused - Login Was Refused Using Authentication Mechanism Plain. For Details See The Broker Logfile

This only happened after the hot patch was installed. As far as I am aware, as the advisory is related to cloud hosted Azure nodes, I don't need to install it on the other 2 physical nodes.

I have checked and all services are running within ISE

Anyone else seen this error after applying the hot patch?


Mark Elsen
Hall of Fame

 

@Abdulaziz Loonat When that happens, check outputs from:

    show logging system ade/ADE.log
    show logging application ise-messaging/ise-messaging.log

  M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

I have checked the logs and error relates to authentication

RabbitMQ System Event: user.authentication.failure

The issue only occurred after I applied the hot patch to resolve the vulnerability

I have also checked and confirmed all ports are listening for the Message Link Queue

 

@Abdulaziz Loonat This looks to be an internal issue: for instance, this can happen if the credentials are outdated, or if the user does not have the necessary permissions to access the RabbitMQ server.

Basic action: contact TAC, provide all info and/or the troubleshooting (logs) that you did already.

  M.




TAC are on the case and still unable to determine the cause. Am I the only organisation that is getting this error after applying the hotfix? I am sure other customers will have had the same issue, and this, I assume, should have been an internal advisory for support on the fix to this issue.

Hi @Abdulaziz Loonat ,

You said that 1x Node in Azure and 2x Nodes in Physical Devices, please remember that:

" ...  If the PPAN (Primary PAN) Node is deployed in the cloud, then Cisco ISE is affected by this vulnerability. If the PPAN Node is on-premises, then it is not affected ... "

 

Hope this helps !!!