Smart Install Remote Code Execution Vulnerability

johnmcgrath29 · ‎10-03-2022

Hi

I have had a number of switches come up with a "Smart Install Remote Code Execution Vulnerability" The solution

I have read on this from Cisco is to apply "No vStack" command in global configuration. however I am worried this will break the stack config on the switches??? any thoughs if I apply this will it break the stack configuration to the other switches?

John

Leo Laohoo · ‎10-04-2022

Smart Install and Stackwise are two different things.

The command "no vstack" is safe to use to disable Smart Install. Another alternative to "no vstack" is to upgrade the firmware.