The Portuguese version of this Article can be found at: ISE - Field Notice: FN74259 - Configuration Change Recomendado .
 |
For an offline or printed copy of this document, simply choose ⋮ Options > Printer Friendly Page. You may then Print > Print to PDF or Copy & Paste to any other document format you like. |
Introduction
Please note the following Field Notice with Impact Rating Low:
FN74259 of March 19, 2025
described in:
CSCwo05386 ISE getting alarms regarding internal certificate Baltimore CyberTrust Root expiring
ISE - CSCwo05386 - Baltimore CyberTrust Root expirando (ISE 3.x)
Summary
Previously, Cisco ISE used the Baltimore CyberTrust Root certificate (installed by default in versions 3.0, 3.1, 3.2, 3.3, and 3.4) to connect to cisco.com via SSL and obtain updates for Posture and Bring Your Own Device (BYOD).
This Certificate is no longer used by Cisco ISE.
Workaround
On March 14, 2025, after analysis, it was found that the Baltimore Cyber Trust Root Certificate (which expires on May 12, 2025) is no longer in use by Cisco ISE and is safe to delete !!!
At Administration > System > Certificates > Certificate Management > Trusted Certificates > Disabled the Baltimore Cyber Trust Root Certificate:
then, delete the Baltimore Cyber Trust Root Certificate:
Affected Products & Fixed Software
The vulnerability affects Cisco ISE in the following versions:
References
ISE - Field Notices (versão Português) - Video
