cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

201
Views
0
Helpful
2
Replies
Highlighted
NGJ Beginner
Beginner

Cisco PnP PKI API vulnerability on 2960s

Hi.  I’m working through security vulnerabilities identified on some of our switches. One in particular from the Cisco Sept 2017 advisories has been flagged. Cisco IOS Software Plug-and-Play PKI API Certificate Validation Vulnerability.

The advisory states to check by using ‘show pnp profile’. This command is not recognised. Also if I try under conf t, the commands ‘pnp enable’, ‘pnp profile…..’ are unrecognised.

 

Does this mean the feature isn’t supported/installed on our switches with this IOS version? I’ve read that the pnp agent is embedded in the switches, so not sure why the commands are not recognised.

The switches in question are 2960s with IOS 15.0(2)SE10a universal image. The Cisco bug check tool lists this vulnerability against the IOS version.

 

Could anyone clarify this for me. Many thanks

Everyone's tags (3)
2 REPLIES 2
Hall of Fame Community Legend

Re: Cisco PnP PKI API vulnerability on 2960s

Most likely you're not affected.
If you want to be sure, just raise a Cisco TAC Case.
NGJ Beginner
Beginner

Re: Cisco PnP PKI API vulnerability on 2960s

Ok Thanks Leo