
Difference between iosRelease and firstFixed using the iosversion call

Infosim
Level 1

Hey,

I've tried the new API call which integrates the IOS software checker to get all advisories for specific versions (using JSON as output format) and wondered what the attribute 'iosRelease' contains. I thought 'firstFixed' contains the fixes, but this seems wrong - at least sometimes. Let's take IOS 12.2(14)S as an example and send the call. The result contains the following advisory:

      "advisoryId": "cisco-sa-20150325-tcpleak",
      "sir": "High",
      "firstPublished": "2015-03-25T16:00:00-0500",
      "lastUpdated": "2016-01-14T17:24:39-0600",
      "iosRelease": "12.2(33)SRE13",
      "firstFixed": "12.2(33)SRE15",
      "cves": [
        "CVE-2015-0646"
      ],
      "bugIDs": [
        "CSCum94811"
      ],
      "cvssBaseScore": "7.8",
      "advisoryTitle": "Cisco IOS Software and IOS XE Software TCP Packet Memory Leak Vulnerability",
      "publicationUrl": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-tcpleak",
      "cwe": [
        "CWE-399"
      ]

If you use the web app version of IOS software checker it says that 12.2(33)SRE13 is the first fixed version, but this version is listed under 'iosRelease' in the json output.

Another example for the same version is the following advisory:

      "advisoryId": "cisco-sa-20070228-nam",
      "sir": "Critical",
      "firstPublished": "2007-02-28T16:00:00-0600",
      "lastUpdated": "2007-02-28T16:00:00-0600",
      "iosRelease": "12.2(14)S3,12.2(18)S13,12.2(20)S",
      "firstFixed": "12.2(33)SRE15",
      "cves": [
        "CVE-2007-1257"
      ],
      "bugIDs": [
        "CSCsd75273",
        "CSCse52951"
      ],
      "cvssBaseScore": "10.0",
      "advisoryTitle": "Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability",
      "publicationUrl": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070228-nam",
      "cwe": [
        "NA"
      ],
      "productNames": [
        "NA"
      ]

First fixed version should be 12.2(33)SRE15 but if you take a look at the web version of the software checker it says that the fixed versions are 12.2(14)S3,12.2(18)S13,12.2(20)S which are the same versions listed in 'iosRelease' of the json output.

So does 'iosRelease' always contain the fix versions or is it just a bug?

4 Replies

Omar Santos
Cisco Employee

Hi Stefan,

Thank you for bringing this to our attention. We are currently investigating this. It seems like a bug in the API, but I will confirm shortly.

Thanks!

Omar

Omar Santos
Cisco Employee

Hi Stefan,

This has been corrected. Please try again and let me know if you run into any problems.

Regards,

Omar

Hi Omar,

Thanks for that information. Can you tell if this problem was just solved for the particular version IOS 12.2(14)S or if it is an "overall API bugfix"?

Regards

It was an API fix.

Regards,

Omar