Anyone running 10.5(1) (fixes RegreSSHion vulnerability) on your Nexus

derrtavdam · ‎08-13-2024

Security is asking about updating our Nexus switches to 10.5(1) since it isn't otherwise possible to mitigate CVE-2024-6387.

Our Nexus switches handle critical datacenter operations and I'm hesitant to go to a non-preferred release.

Anyone has good are bad experience with 10.5(1)?

omegle xender

Enes Simnica · ‎08-13-2024

Hello @derrtavdam

I've been in a similar situation where security flagged a critical vulnerability that required us to update our Nexus switches to a non-preferred release. While it's understandable to be cautious, especially with devices handling critical datacenter operations, I've found that Cisco's recommended releases usually undergo extensive testing, even if they're not marked as preferred.

Regarding 10.5(1), we did run into a few minor bugs after the upgrade, but they were manageable and didn't impact our operations. The key was to thoroughly test the update in a lab environment before rolling it out to production. Also, if you haven't already, it might be worth checking Cisco's bug tracker for any issues specific to 10.5(1) that could affect your setup.

In short, while it's not without risks, if this update is the only way to mitigate CVE-2024-6387, it might be worth considering, especially with proper testing and a rollback plan in place.

At least it worked great for us (no outage LOOOL) hope it goes smoothly for you too!

E.S

more Cisco?!
more Gym?!

marce1000 · ‎08-13-2024

>....we did run into a few minor bugs after the upgrade,
- Could you also explain and or elaborate on these minor bugs which you found ?

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '