Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1438
Views
7
Helpful
17
Replies

CSCwa25099, CSCwa25100 and CSCwa25074 - Expressway Cross-Site Vulnerab

Elter
Level 4
Level 4

‎02-08-2024 10:05 AM

Hello,

the Cisco Security Advisory raised yesterday relates to bugs CSCwa25099, CSCwa25100 and CSCwa25074:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-KnnZDMj3

and basically mention: "This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected system."

and also mention that there is no workaround, must upgrade to a fixed release.

 

If the bug is specific to the web-based management, I was wondering we disable web access to the expressway, either by block with internal or external firewall or directly disabling web mgmt interface, would be enough to not be exposed, while planning the upgrade to a fixed release.

Any thoughts?

Best regards

0 Helpful
17 Replies 17

Nithin Eluvathingal
VIP
VIP
In response to jagifoto1

‎02-11-2024 10:04 PM

The Fixed release table explicitly indicates that versions prior to 14.0 require an upgrade to the fixed versions.

 



Response Signature


TXG
Level 5
Level 5

‎02-17-2024 01:52 PM

Under the first fixed releases it says after the upgrade you need issue the command "xconfiguration Security CSRFProtection status : "Enabled"" does this need to be done on the C, E, or both?

0 Helpful

Roger Kallberg
VIP
VIP
In response to TXG

‎02-17-2024 02:02 PM

On both C and E.



Response Signature


Customers Also Viewed These Support Documents