vulnerability cisco 7206 Vxr

Robo123 · ‎09-22-2017

Hi Team,

I have a CISCO 7206VXR device and same is hitting on the below vulnerabilies.

Cisco IOS Software TCP Memory Leak DoS (cisco-sa-20150325-tcpleak)--(CVE -->CVE-2015-0646)
Cisco IOS Software Multiple Network Address Translation (NAT) Denial of Service Vulnerabilities (cisco-sa-20140326-nat) (CVE-->CVE-2014-2109|CVE-2014-2111)
SSH Weak MAC Algorithms Enabled
SSH Server CBC Mode Ciphers Enabled (CVE-->CVE-2008-5161)
OSPF LSA Manipulation Vulnerability in Cisco IOS (cisco-sa-20130801-lsaospf) (CVE-->CVE-2013-0149)

also i found the below bugs related to the same issue.

CSCum94811

CSCue00996

Kindly let me know is this issue is fixed on 15.2(4)S7

please suggest on the above.

Julio E. Moisa · ‎09-22-2017

Hi,

I hope the following information is useful. Before to update the IOS, I recommend to see the hardware requeriments. You can also verify with the Cisco TAC.

About CSCum94811

Known Fixed Releases:

(86)

15.6(1)SN

15.5(0.1)S

15.4(2)T3

15.4(2)S2.16

15.4(2.17)S0.4

15.4(2.14)T

15.4(2.13)PI26a

15.4(1)T4

15.4(1)S3.9

15.3(3)S4.13

15.3(3)M5

15.3(3)M4.3

15.3(3)JNB1

15.3(3)JN4

15.3(3)JD

15.3(3)JBB1

15.3(3)JBB

15.3(3)JB

15.3(3)JA77

15.3(3)JA3

15.3(3)JA10

15.3(1)IE101.132

15.2(6.3.0i)E

15.2(5.0)ST

15.2(4)S8

15.2(4)M8

15.2(4.0)ST

15.2(4.0.64a)E

15.2(2)JB6

15.2(2)ID273.263

15.2(2)EA1

15.2(2)E2

15.2(2.8.1)EA1

15.2(2.7.25)EA

15.2(2.6.83)EA

15.2(2.4.11)EA

15.2(2.1)EB

15.2(2.1.19)EB

15.2(2.0.1)EA3

15.2(1)SY2

15.2(1)SY1a

15.2(1)SY1.33

15.1(4)M11

15.1(2)SY6

15.1(2)SY5.19

15.1(2)SG6

15.1(1)SY6

15.1(1)SY5.23

15.0(2)SQD1

15.0(2)SG11

15.0(2)SE9

15.0(2)EX11

15.0(2)EX10

15.0(2.2.2)SG11

15.0(1)SY9

15.0(1.9.9)SQD1

15.0(1.9.1)SQD3

15.0(1.9.1)SQD2

15.0(0)SY99.491

12.4(25e)JAX2

12.4(25e)JAP4

12.4(25e)JAP10

12.4(25e)JAM6

12.2(60)EZ8

12.2(55)SE11

12.2(33)SXJ9.20

12.2(33)SXJ10

12.2(33)SRE13

12.2(33)SCI2

12.2(33)SCI1a

12.2(33)CY1

12.2(33.12.3)SRE

10.3(110.0)

10.2(120.0)

8.3(102.0)

8.1(102.0)

8.1(14.15)

8.0(120.0)

7.4(140.2)

3.6(2)E

About CSCue00996

Known Fixed Releases:

(89)

15.5(0.16)S

15.4(3)S

15.4(2.17)S0.5

15.4(2)S

15.4(1.16)S0.7

15.4(1.16)S0.6

15.4(1)S1

15.4(1)S0e

15.4(1)S0c

15.4(1)S0.7

15.3(3)S2t

15.3(3)S2a

15.3(3)S2

15.3(3)S1.13

15.3(2.21.1)PIH22

15.3(2.21)T

15.3(2.21)PI23

15.3(2)T3

15.3(1)T4

15.2(4.0.64a)E

15.2(4.0)ST

15.2(4)S5

15.2(4)S4.19

15.2(4)M6

15.2(4)M5.5

15.2(4)JB4

15.2(4)JB3s

15.2(4)JB3b

15.2(4)JAZ

15.2(4)GC1

15.2(2)JB4

15.2(2)IE101.142

15.2(2)DB101.101

15.2(1.2.32)PI22

15.2(1)E3

15.2(1)E2

15.1(99)SY9.1

15.1(4)M8

15.1(4)GC2

15.1(3)S7

15.1(3)S6.3

15.1(3)S6.2

15.1(3)MRA3

15.1(2)SY2

15.1(2)SY1.1

15.1(2)SG4

15.1(2)SG3.0.151

15.1(1)SY3

15.1(1)ICB29.36

15.1(1)IC66.64

15.1(1)IB273.234

15.0(14.49)EZD

15.0(14.1)TSR

15.0(12.90)EZD

15.0(10.37)PKP

15.0(10.37)PKD

15.0(2.29)ZSR

15.0(2.1.94)SG11

15.0(2.1.77)SG9

15.0(2)SG9

15.0(2)SE6

15.0(2)EX5

15.0(2)EX11

15.0(2)EJ1

15.0(1)SY6

15.0(1)EZ2

15.0(0)SY99.324

12.4(24)YS6

12.4(24)YS10

12.4(24)T11

12.4(24)MDB17

12.2(60)EZ5

12.2(55)SE9

12.2(33.9.8)SRE

12.2(33)SXJ7

12.2(33)SXJ6.38

12.2(33)SXI13

12.2(33)SXI12.7

12.2(33)SRE10

12.2(33)SCH5

12.2(33)SCH3

12.2(33)SCH2

12.2(33)SCG7

10.1(112.2)

10.1(102.205)

7.6(101.2)

7.4(130.0)

7.4(122.2)

3.3(2)SE

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

Robo123 · ‎09-22-2017

Hi julio,

I have gone through this already here what is my concern is all these valuablilities am getting in same device, to prevent these all valuablilities which is the fixed/stayable version also confirm all these vulnerability are fixed 15.2(4)s7.

If possible share the cisco document also

Please suggest on the above.