Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1621
Views
0
Helpful
7
Replies

IOS XE 9300 WLAN September Security Updates?

webabc123
Level 1
Level 1

‎10-19-2021 09:41 AM - edited ‎10-19-2021 09:42 AM

Which version of IOS patches this advisory?

Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Execution Vulnerability

 

I can't find any IOS XE version released around the date of the advisory.  The newest version I see is from July and I don't see anything that says what specifically fixes the issue other than applying a vaguely mentioned update with no details.

0 Helpful
7 Replies 7

Leo Laohoo
Hall of Fame
Hall of Fame

‎10-19-2021 06:25 PM

At the bottom of the Security Bulletin is a Software Checker, did anyone made any attempt (even tried) to check?

0 Helpful

webabc123
Level 1
Level 1
In response to Leo Laohoo

‎10-19-2021 06:33 PM - edited ‎10-19-2021 06:36 PM

Why not just list the minimum version numbers plainly? No need to hide it behind  a puzzle or CAPTCHA exercise.

A simple list of affected or patched versions would make sense or just say “upgrade to at least ‘X’ version or higher to address the vulnerability.”

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to webabc123

‎10-19-2021 10:28 PM

@webabc123 wrote:

Why not just list the minimum version numbers plainly?

¯\_(ツ)_/¯ 

0 Helpful

webabc123
Level 1
Level 1
In response to Leo Laohoo

‎10-20-2021 11:17 AM

I still don’t have an answer.

Even after entering a version number, being redirected to another page with a captcha and the completing the captcha, the results didn’t say whether or not the version is safe from the vulnerability.  Instead it only referred to a vulnerability for 2019.

 

0 Helpful

webabc123
Level 1
Level 1
In response to Leo Laohoo

‎10-20-2021 11:18 AM - edited ‎10-20-2021 11:19 AM

 

I still don’t have an answer.

Even after entering a version number, being redirected to another page with a captcha and then completing the captcha, the results didn’t say whether or not the version is safe from the vulnerability.  Instead it only referred to a vulnerability for 2019.

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to webabc123

‎10-20-2021 02:45 PM

I have tested the software verification check and it works.

0 Helpful

webabc123
Level 1
Level 1
In response to Leo Laohoo

‎10-20-2021 03:01 PM

Why does it list another old vulnerability by name, but not mention this vulnerability by name?

Why is it difficult to just post a list of versions that are patched against the vulnerability right in the advisory or else post a link in the advisory to another page with that info?

41871B1F-5C22-4D19-A577-94572F74914E.jpeg

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card