Vulnerability missing on portal

nader862010
Level 1

Hello,

I’ve been using the SNTC portal to check on vulnerabilities of our equipment. On the portal, I do not see any vulnerabilities on the 4500 series switch with IOS version 3.7.2E.

However, on the Cisco Software Checker, I see a bunch of vulnerabilities on the list for IOS version 3.7.2E (see the attached spreadsheet).

I verified that CSPC has successfully collected and uploaded the switch info to the portal.

Can anyone advise why there's a mismatch/missing vulnerabilities on the portal?

Thank you

7 Replies

Chris Camplejohn
Cisco Employee
The portal checks more than just SW release. It also checks running configuration and product family/product ID. It may be possible that your code has the vulnerability but your configuration is not vulnerable.

Does this mean the switch can be vulnerable again if there's a change in configuration? I still don't understand that there's a mismatch. I don't see any option to fix this on the portal.

Yes. Changing the configuration could make you vulnerable to a Security Advisory. Is your 4500 running VSS by chance?

Yes they are running VSS.

@nader862010 I believe Austin Testut has an internal discussion open on this topic as well. Initially we thought we had a bug with the profiling of the 4500 switch in this case; upon further analysis, that does not seem to be an issue.

Please allow us some time to troubleshoot this more and I will get back with an update.

Hello all, it looks like there is a similar issue where the SNTC Portal is showing more PSIRTs for Nexus 5000s than in the IOS checker for 7.3(3)N1(1) and 7.3(0)N1(1). @Suchita Shewale I have sent you the Excel files via the internal case.
Perhaps there is the same reason behind both of these PIDs having differences in PSIRT totals?

Nexus is new to the Software Checker. Note the caveat they have on the tool: "Also note that the tool only contains vulnerability information for NX-OS Software and NX-OS Software in ACI Mode from July, 2019 onward." But in the SNTC portal, there is analysis from further back than that.
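
A simplified model of the causes discussed in this thread, as an added example (not Cisco's code and not the SNTC portal's actual matching logic): a release-only lookup compared with one that also filters on product ID and running configuration, plus a release-only checker whose data begins in July 2019. All advisory IDs, PIDs, config patterns and dates are constructed placeholders.

```python
import re
from dataclasses import dataclass
from datetime import date

# Constructed sample data: placeholders, not real advisories or portal rules.
@dataclass(frozen=True)
class Advisory:
    adv_id: str
    versions: frozenset   # affected software releases
    pids: frozenset       # affected product IDs (empty = any product)
    config_re: str        # config line that must be present ("" = any config)
    published: date

ADVISORIES = [
    Advisory("ADV-A", frozenset({"3.7.2E"}), frozenset(), r"^ip http server$", date(2018, 3, 1)),
    Advisory("ADV-B", frozenset({"3.7.2E"}), frozenset({"PID-OTHER"}), "", date(2018, 9, 1)),
    Advisory("ADV-C", frozenset({"3.7.2E"}), frozenset(), "", date(2019, 9, 1)),
    Advisory("ADV-D", frozenset({"7.3(3)N1(1)"}), frozenset(), "", date(2018, 1, 1)),
]

def version_only(version, coverage_start=None):
    """Release-based lookup, optionally limited to advisories from a cutoff date."""
    return sorted(a.adv_id for a in ADVISORIES
                  if version in a.versions
                  and (coverage_start is None or a.published >= coverage_start))

def config_aware(version, pid, running_config):
    """Release match narrowed by product ID and by what is actually configured."""
    hits = []
    for a in ADVISORIES:
        if version not in a.versions:
            continue
        if a.pids and pid not in a.pids:
            continue  # advisory applies to a different product
        if a.config_re and not re.search(a.config_re, running_config, re.M):
            continue  # affected feature is not enabled in this config
        hits.append(a.adv_id)
    return sorted(hits)

CONFIG_BEFORE = "hostname sw1\nno ip http server\n"  # constructed running config
CONFIG_AFTER = "hostname sw1\nip http server\n"      # same device after a change

if __name__ == "__main__":
    print(version_only("3.7.2E"))                             # release only
    print(config_aware("3.7.2E", "PID-4500", CONFIG_BEFORE))  # fewer hits
    print(config_aware("3.7.2E", "PID-4500", CONFIG_AFTER))   # config change adds one
    print(version_only("7.3(3)N1(1)", date(2019, 7, 1)))      # data starts July 2019
    print(config_aware("7.3(3)N1(1)", "PID-N5K", ""))         # older advisory still shown
```

Because the config-aware result depends on the running configuration, it only stays accurate if the device is re-collected after each configuration change.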