Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
866
Views
0
Helpful
3
Replies

Cisco Secure Boot Vulnerability - PSIRT Not Clearing After Patching

GREGORY LEGGETT
Level 4
Level 4

‎11-19-2019 06:46 AM

I have two router models that I've applied the necessary patches to, ASR 1001-X (CSCvn89145) and ISR 4331 (CSCvn77156), and after uploading a new collection they are still reporting the issue.  There were IOS-XE upgrades performed in the same maintenance window, and the new version is reporting in SNTC; also the associated IOS-XE vulnerabilities are no longer listed.

 

Is there something that needs to be done to clear the patched devices, or should the PSIRT clear automatically after patching and uploading a new collection?

0 Helpful
3 Replies 3

Chris Camplejohn
Cisco Employee
Cisco Employee

‎11-19-2019 06:59 AM

That PSIRT is only matching on SW Type and Hardware.  There is a caveat in our IC for it that states this.  We didn't have a list of all the affected versions to automate.  I'm not sure if SNTC portal is displaying that caveat to you.  For this specific PSIRT, it will not auto-clear, so you can just acknowledge it.

0 Helpful

GREGORY LEGGETT
Level 4
Level 4
In response to Chris Camplejohn

‎11-19-2019 07:27 AM

Is there a way to acknowledge the devices that I have patched, without clearing the PSIRT for all devices?  If not, I guess I will need to manually track which devices have been remediated.

0 Helpful

Chris Camplejohn
Cisco Employee
Cisco Employee
In response to GREGORY LEGGETT

‎11-21-2019 09:29 AM

Users with Admin permissions can acknowledge alerts.  See the online help documentation.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents