07-25-2017 01:04 PM - edited 03-08-2019 11:28 AM
Hello,
I have been trying to find an upgrade for the C2960-48TC-L switch where the CMP telnet vunerability (CSCvd48893) has been fixed, but it seems the latest ios from the download page for this switch was released sometime in November 2016, before the bug was discovered.
I know the work around is to remove telnet option from line configs, but we need to keep it on some switches. I followed the recommendation to restrict telnet access to specific hosts using acls, but vulnerability scanners do not take that into consideration and always report the switches ios to have a critical bug.
Is there any patch around or this should be requested from TAC directly
All help is appreciated
Moe Shea
Solved! Go to Solution.
07-25-2017 01:37 PM
Hi,
The 2960 series switches have been EOL/EOS for a long time now (over 8 years) and so there is no more new IOS being released. You may want to contact TAC and see if they have a solution.
HTH
07-25-2017 01:37 PM
Hi,
The 2960 series switches have been EOL/EOS for a long time now (over 8 years) and so there is no more new IOS being released. You may want to contact TAC and see if they have a solution.
HTH
07-25-2017 01:47 PM
Thank you Reza for the reply. according to EOL notice the last date for security patch release is October 2017. As you suggested I will contact TAC and hope they can provide a solution.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: