Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
19875
Views
15
Helpful
9
Replies

Any impact of log4j vulnerability on Cisco Small Business routers?

Go to solution
GKToronto
Level 1
Level 1

‎12-12-2021 06:20 AM

A couple of days ago, there was a disclosure of a critical vulnerability in the Apache Log4j logging library. Cisco put out an advisory:

 

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

 

but it didn't mention Small Business Routers (the RV series) at all, either as affected or as confirmed to be NOT vulnerable.

 

Does anyone know if the RV series software is being examined to make sure it's not vulnerable?

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
GKToronto
Level 1
Level 1

‎12-18-2021 03:52 AM

Just to update this thread, the Cisco page at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

has been updated, and they confirmed that that all of the RV series routers were NOT VULNERABLE, which is great news. See the list of models under "Routing and Switching - Small Business" in the "Products Confirmed Not Vulnerable" section, which listed (at the time of this post):

 

Routing and Switching - Small Business

  • Cisco 220 Series Smart Plus Switches
  • Cisco 250 Series Smart Switches
  • Cisco 350 Series Managed Switches
  • Cisco 550 Series Stackable Managed Switches
  • Cisco Business 220 Series Smart Switches
  • Cisco Business 250 Series Smart Switches
  • Cisco Business 350 Series Managed Switches
  • Cisco Business Dashboard
  • Cisco RV110W Wireless-N VPN Firewall
  • Cisco RV130 VPN Router
  • Cisco RV130W Wireless-N Multifunction VPN Router
  • Cisco RV132W ADSL2+ Wireless-N VPN Router
  • Cisco RV134W VDSL2 Wireless-AC VPN Router
  • Cisco RV160 VPN Router
  • Cisco RV160W Wireless-AC VPN Router
  • Cisco RV215W Wireless-N VPN Router
  • Cisco RV260 VPN Routers
  • Cisco RV260P VPN Router with PoE
  • Cisco RV260W Wireless-AC VPN Router
  • Cisco RV320 Dual Gigabit WAN VPN Router
  • Cisco RV325 Dual Gigabit WAN VPN Router
  • Cisco RV340 Dual WAN Gigabit VPN Router
  • Cisco RV340W Dual WAN Gigabit Wireless-AC VPN Router
  • Cisco RV345 Dual WAN Gigabit VPN Router
  • Cisco RV345P Dual WAN Gigabit POE VPN Router
  • Cisco Small Business 200 Series Smart Switches
  • Cisco Small Business 300 Series Managed Switches
  • Cisco Small Business 500 Series Stackable Managed Switches
  • Cisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE
  • Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE
  • Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE
  • Cisco WAP371 Wireless-AC/N Radio Access Point with Single Point Setup
  • Cisco WAP571 Wireless-AC/N Premium Dual Radio Access Point with PoE
  • Cisco WAP571E Wireless-AC/N Premium Dual Radio Outdoor Access Point
  • Cisco WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN

View solution in original post

9 Replies 9

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎12-12-2021 01:57 PM

The list of Affected Products is regularly updated. 

Go to solution
GKToronto
Level 1
Level 1
In response to Leo Laohoo

‎12-12-2021 02:11 PM

Thanks Leo. I'll keep monitoring that advisory page. (I also have email subscriptions/notifications enabled)

0 Helpful

Go to solution
GKToronto
Level 1
Level 1
In response to GKToronto

‎12-15-2021 06:29 AM - edited ‎12-15-2021 06:30 AM

Just to followup, they have added a few RV series models to the list as "Products Under Investigation"

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

namely:

Cisco RV132W ADSL2+ Wireless-N VPN Router
Cisco RV134W VDSL2 Wireless-AC VPN Router
Cisco RV160x and RV260x VPN Routers
Cisco RV340W Dual WAN Gigabit Wireless-AC VPN Router
Cisco Small Business RV Series RV110W Wireless-N VPN Firewall

Cisco Small Business RV Series RV320 Dual Gigabit WAN VPN Router

although they've not been listed under "Vulnerable Products" (as of the time of this post). We'll have to keep monitoring that page, as Leo suggested earlier, for changes, as well as additional model numbers. I'm crossing my fingers that they'll be added to Products Confirmed Not Vulnerable".

Go to solution
GKToronto
Level 1
Level 1
In response to GKToronto

‎12-15-2021 06:36 AM

P.S. It's odd that the RV320 investigation is being prioritized (compared to other models in the RV series), as it looks like the RV320 is end of life:

https://www.cisco.com/c/en/us/products/collateral/routers/small-business-rv-series-routers/eos-eol-notice-c51-743069.html

 

End of SW Maintenance Releases Date:
HW		The last date that Cisco Engineering may release any final software maintenance releases or bug fixes. After this date, Cisco Engineering will no longer develop, repair, maintain, or test the product software.January 29, 2021
0 Helpful

Go to solution
GKToronto
Level 1
Level 1

‎12-12-2021 02:20 PM

(off topic, but perhaps someone from Cisco is reading....) The notification emails that are sent for new posts on this forum have buttons (Helpful, Accept as Solution, Reply) with light blue text on a dark navy blue button ---- very hard to read! Someone might want to update the colour scheme (as a low priority task, compared to fixing log4j issues)

0 Helpful

Go to solution
CoreyP319
Cisco Employee
Cisco Employee
In response to GKToronto

‎12-13-2021 02:15 PM

Hello GKToronto, thanks for letting us know. I have not seen this issue myself but will check into it and work with the community team to resolve.

0 Helpful

Go to solution
CoreyP319
Cisco Employee
Cisco Employee
In response to CoreyP319

‎12-13-2021 02:18 PM - edited ‎12-13-2021 02:19 PM

Hello again GKToronto, I'm not seeing the issue on the email I received. Do you happen to have dark mode active on your email client?

 

Screenshot below:

2021-12-13_14-17-04.png

0 Helpful

Go to solution
GKToronto
Level 1
Level 1

‎12-13-2021 05:54 PM - edited ‎12-13-2021 06:00 PM

Thanks for the reply, Corey. On my iPhone using the default Mail client (screenshot not attached), the text in the buttons is white, like your "Accept as Solution" button above. So, all the text is legible.

But, in my Google Workspace (formerly known as GSuite) webmail, all the buttons look like the colour scheme of the "Reply" button in your screenshot, see screenshot:

cisco-notification-email-strange-colours.png

 

which is pretty hard to read. Not sure why it differs between email clients (my version of Chrome for the Google Workspace system is 96, so it's modern and recent)....perhaps some different interpretation of the embedded CSS in the email that renders differently.....it seems the button class has 2 different potential styles, depending on whether the [if mso] evaluates, so that might explain things (I'm not a CSS expert, so just taking guesses). No dark mode on either the iPhone or the Google Workspace system, either, so that's not a cause.

Low priority item, but thanks for putting it on the "to do" list (if others might be experiencing the same minor issue).

 

0 Helpful

Go to solution
GKToronto
Level 1
Level 1

‎12-18-2021 03:52 AM

Just to update this thread, the Cisco page at:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

has been updated, and they confirmed that that all of the RV series routers were NOT VULNERABLE, which is great news. See the list of models under "Routing and Switching - Small Business" in the "Products Confirmed Not Vulnerable" section, which listed (at the time of this post):

 

Routing and Switching - Small Business

  • Cisco 220 Series Smart Plus Switches
  • Cisco 250 Series Smart Switches
  • Cisco 350 Series Managed Switches
  • Cisco 550 Series Stackable Managed Switches
  • Cisco Business 220 Series Smart Switches
  • Cisco Business 250 Series Smart Switches
  • Cisco Business 350 Series Managed Switches
  • Cisco Business Dashboard
  • Cisco RV110W Wireless-N VPN Firewall
  • Cisco RV130 VPN Router
  • Cisco RV130W Wireless-N Multifunction VPN Router
  • Cisco RV132W ADSL2+ Wireless-N VPN Router
  • Cisco RV134W VDSL2 Wireless-AC VPN Router
  • Cisco RV160 VPN Router
  • Cisco RV160W Wireless-AC VPN Router
  • Cisco RV215W Wireless-N VPN Router
  • Cisco RV260 VPN Routers
  • Cisco RV260P VPN Router with PoE
  • Cisco RV260W Wireless-AC VPN Router
  • Cisco RV320 Dual Gigabit WAN VPN Router
  • Cisco RV325 Dual Gigabit WAN VPN Router
  • Cisco RV340 Dual WAN Gigabit VPN Router
  • Cisco RV340W Dual WAN Gigabit Wireless-AC VPN Router
  • Cisco RV345 Dual WAN Gigabit VPN Router
  • Cisco RV345P Dual WAN Gigabit POE VPN Router
  • Cisco Small Business 200 Series Smart Switches
  • Cisco Small Business 300 Series Managed Switches
  • Cisco Small Business 500 Series Stackable Managed Switches
  • Cisco WAP125 Wireless-AC Dual Band Desktop Access Point with PoE
  • Cisco WAP150 Wireless-AC/N Dual Radio Access Point with PoE
  • Cisco WAP361 Wireless-AC/N Dual Radio Wall Plate Access Point with PoE
  • Cisco WAP371 Wireless-AC/N Radio Access Point with Single Point Setup
  • Cisco WAP571 Wireless-AC/N Premium Dual Radio Access Point with PoE
  • Cisco WAP571E Wireless-AC/N Premium Dual Radio Outdoor Access Point
  • Cisco WAP581 Wireless-AC Dual Radio Wave 2 Access Point with 2.5GbE LAN
Customers Also Viewed These Support Documents