03-09-2018 07:28 AM - edited 07-05-2021 08:21 AM
Hello a client just had their network checked and had a report with the next vulnerabilites:
Is there anyway to remove these?
Thank you
03-09-2018 08:32 AM
- That depends, which software release are they running on the controller -> can they run a more recent release -> can they then verify the security checks again .... ?
M.
03-09-2018 09:32 AM
They are running the software version Release 8.0.152.0, and yes they can do an upgrade and verify de security checks again, but first they need to know which new release to put on the device.
03-09-2018 02:53 PM
Upgrade first and do the security check next.
Another thing, the people who are doing the vulnerability testing should be able to provide the CVS number of said vulnerability.
Firmware version isn't just the cause. For example, there could be possibility that the controller isn't really configured properly for security. So reading the Best Practices could be another solution.
NOTE: Cisco's products are constantly subjected to security testing by organizations not affiliated to Cisco. If they find something, Cisco gets notified.
03-13-2018 11:45 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide