Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1088
Views
0
Helpful
6
Replies

Vunerabilidades

Go to solution
AC4
Level 1
Level 1

‎09-26-2019 02:41 PM

Hola comunidad:

 

Tengo un colector 2.1.4 al cual se le encontraron varias vulnerabilidades:

Asset IP AddressAsset OS NameVulnerability IDVulnerability Severity LevelAsset Risk ScoreVulnerability Risk Score
10.223.254.70Linuxsuse-wrong-file-permissions43.347668
10.223.254.70Linuxunix-anonymous-root-logins73.347724
10.223.254.70Linuxunix-dot-entries-in-root-path43.347721
10.223.254.70Linuxunix-unowned-files-or-dirs23.347568
10.223.254.70Linuxunix-world-writable-files43.347667

 

Como puedo resolverlas?

 

Adolfo Cabrera

 

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
adias
Cisco Employee
Cisco Employee
In response to AC4

‎10-03-2019 01:52 PM

the collector must be upgraded to 2.8.1.6.. most of the vulnerabilities mentioned will be mitigated then. please upgrade the collector and re-run the scan to confirm.

EXAMPLES.

2.8.1.4.JPG

 

 

and

 

286.JPG

 

https://www.cisco.com/c/en/us/support/cloud-systems-management/common-services-platform-collector-cspc/products-release-notes-list.html

View solution in original post

0 Helpful

Go to solution
adias
Cisco Employee
Cisco Employee
In response to adias

‎10-18-2019 10:50 AM

Hello Luis have the post provided the answers you needed, if so please mark as resolved for other to benefit and that I can take it of from my monitoring posts.  If you still have additional questions please let me know

View solution in original post

0 Helpful
6 Replies 6

Go to solution
luis_cordova
VIP Alumni
VIP Alumni

‎09-26-2019 02:57 PM

Hola @AC4 ,

 

Te sugiero investigar el ID de las vulnerabilidades, pues ahí se te está indicando la vulnerabilidad.

Por ejemplo, ante la vulnerabilidad "suse-wrong-file-permissions", yo revisaría los permisos de los archivos en tu sistema suse.

 

Saludos

0 Helpful

Go to solution
AC4
Level 1
Level 1
In response to luis_cordova

‎10-02-2019 02:11 PM

Hola luis:

 

 

Anexo información enviada por el cliente para que por favor me indique como reparar las vulnerabilidades.

 

Adolfo

Preview file
13 KB
0 Helpful

Go to solution
adias
Cisco Employee
Cisco Employee
In response to AC4

‎10-02-2019 03:05 PM

 

 

What is the version of the Collector CSPC

 

If you connect via admin CLI send me the output of the command below:

 

admin#  show ver -d

0 Helpful

Go to solution
AC4
Level 1
Level 1
In response to adias

‎10-03-2019 01:13 PM

Hola  Adias:

 

image.png

0 Helpful

Go to solution
adias
Cisco Employee
Cisco Employee
In response to AC4

‎10-03-2019 01:52 PM

the collector must be upgraded to 2.8.1.6.. most of the vulnerabilities mentioned will be mitigated then. please upgrade the collector and re-run the scan to confirm.

EXAMPLES.

2.8.1.4.JPG

 

 

and

 

286.JPG

 

https://www.cisco.com/c/en/us/support/cloud-systems-management/common-services-platform-collector-cspc/products-release-notes-list.html

0 Helpful

Go to solution
adias
Cisco Employee
Cisco Employee
In response to adias

‎10-18-2019 10:50 AM

Hello Luis have the post provided the answers you needed, if so please mark as resolved for other to benefit and that I can take it of from my monitoring posts.  If you still have additional questions please let me know

0 Helpful
Customers Also Viewed These Support Documents