We are leveraging 2 CISCO CSR 1000Vs in a transit VPC setting to support our VPN connections. Our Nessus scanner is reporting the following vulnerability: Cisco REST API Container for IOS XE Software Authentication Bypass Vulnerability. The suggested solution is to upgrade the CISCO IOS XE from our actual version 16.06.06 Everest to the version 16.09.04 Fuji and the API container to the version 16.09.03, which seems to be the fixed version. We attempted the upgrade from version 16.06.06 Everest to the version 16.09.04 Fuji, and it failed; after multiple reloads, our systems remained unreachable through the VPNs, and the REST API container package was not updated, so we rolled back the upgrade, and this restored VPN activity.

1. What is the upgrade path from the CISCO IOS XE version 16.06.06 Everest to the version 16.09.04 Fuji?

2. The vulnerability is still being reported, and after running the cmd # show virtual-interface detail, the csr_mgmt state appears to be "Activate Failed", which led us to believe that we might not actually need it. We would like to know what the impact would be if we decided to get rid of this vulnerable module (.ova file located in the bootflash directory). Also, what would be the impact if we upgraded only the csr_mgmt (.ova file) and did not upgrade the CISCO IOS software?

Thanks.
We have launched a couple of CISCO CSR 1000Vs from the AWS Marketplace in our AWS environment as part of the transit VPC setup. For organizational compliance, we are required to forward syslogs from these instances to Splunk for indexing and reporting, so we would appreciate any guidance or documentation with instructions that could lead us to configure syslog forwarding to Splunk. Also, if there is a mechanism that could allow forwarding of syslogs to the AWS CloudWatch service, we will be interested in knowing that as well. Thanks in advance.