Obtaining Fixed Software
| | | in 12.4T |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.1YI | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.1YJ | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| Affected | | First Fixed Release for |
| | | in 12.2SRC |
|------------+---------------------------+--------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+--------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2IRD | Not Vulnerable | the instructions in |
| 12.2CY | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.2CZ | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+--------------------------+---------------------------|
| 12.2DA | Not Vulnerable | Not Vulnerable |
|------------+--------------------------+---------------------------|
| 12.2DD | Not Vulnerable | Vulnerable; first fixed |
| | | are not vulnerable. |
|------------+--------------------+--------------------------|
| | | Vulnerable; contact your |
| | | support organization per |
| 12.2EWA | Not vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this |
| | | advisory. |
|------------+--------------------+--------------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+--------------------+--------------------------|
| | | not vulnerable. |
|------------+------------------+----------------------------|
| | | Vulnerable; contact your |
| | | support organization per |
| 12.2EWA | Not vulnerable | the instructions in the |
| | | Obtaining Fixed Software |
| | | section of this advisory. |
|------------+------------------+----------------------------|
| 12.2EX | Not vulnerable | 12.2(55)EX3 |
|------------+------------------+----------------------------|
| 12.2EY | Not vulnerable | 12.2(58)EY |
| | | vulnerable. |
|------------+----------------+------------------------------|
| | | Vulnerable; contact your |
| | | support organization per the |
| 12.2EWA | Not vulnerable | instructions in the |
| | | Obtaining Fixed Software |
| | | section of this advisory. |
|------------+----------------+------------------------------|
| 12.2EX | 12.2(55)EX3 | 12.2(55)EX3 |
|------------+----------------+------------------------------|
| 12.2EY | 12.2(58)EY | 12.2(58)EY |
| | | later are not vulnerable |
|------------+---------------------------+--------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3JEC | Not Vulnerable | the instructions in |
| | | Obtaining Fixed Software |
| | | section of this advisory |
|------------+---------------------------+--------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.3JED | Not Vulnerable | the instructions in |
| | | 15.0(1)M1 |
|------------+---------------------------+---------------------------|
| | Vulnerable; Contact your | Vulnerable; Contact your |
| | support organization per | support organization per |
| 12.4GC | the instructions in | the instructions in |
| | Obtaining Fixed Software | Obtaining Fixed Software |
| | section of this advisory | section of this advisory |
|------------+---------------------------+---------------------------|
| | | Vulnerable; Contact your |
| | | support organization per |
| 12.4JA | Not Vulnerable | the instructions in |
|------------+---------------------------------------+--------------|
| 12.2YG | Not Vulnerable | |
|------------+---------------------------------------+--------------|
| | Vulnerable; Contact your support | |
| 12.2YH | organization per the instructions in | |
| | Obtaining Fixed Software section of | |
| | this advisory | |
|------------+---------------------------------------+--------------|
| | Vulnerable; Contact your support | |
| 12.2YJ | organization per the instructions in | |
| | Obtaining Fixed Software section of | |
default setting of All IP Addresses. After choosing
Administration > Web Access Management, an administrator can
change the Allowed Remote IP Address setting to ensure that only
devices with specified IP addresses can access the device.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
setting of All IP Addresses. After choosing "Administration > Web
Access Management", an administrator can change the Allowed Remote
IP Address setting to ensure that only devices with specified IP
addresses can access the device.
Obtaining Fixed Software
========================
Cisco has released free software updates that address this
vulnerability. Prior to deploying software, customers should consult
their maintenance provider or check the software for feature set
| | | Publication |
|------------+------------------+----------------------------|
| | | Vulnerable; contact your |
| | | support organization per |
| 15.1EY | Not vulnerable | the instructions in the |
| | | Obtaining Fixed Software |
| | | section of this advisory. |
|------------+------------------+----------------------------|
| | Vulnerable; | Vulnerable; first fixed in |
| 15.1GC | first fixed in | Release 15.1T |
| | Release 15.1T | |
|------------+---------------------------------------+--------------|
| 12.4XN | Not Vulnerable | |
|------------+---------------------------------------+--------------|
| | Vulnerable; Contact your support | |
| 12.4XP | organization per the instructions in | |
| | Obtaining Fixed Software section of | |
| | this advisory | |
|------------+---------------------------------------+--------------|
| 12.4XQ | Not Vulnerable | |
|------------+---------------------------------------+--------------|
| 12.4XR | Not Vulnerable | |
|------------+---------------------------------------+--------------|
| 12.2IRB | Vulnerable; first fixed in 12.2SRD | 12.2(33)SRD3 |
|------------+---------------------------------------+--------------|
| | Vulnerable; Contact your support | |
| 12.2IRC | organization per the instructions in | |
| | Obtaining Fixed Software section of | |
| | this advisory | |
|------------+---------------------------------------+--------------|
| 12.2IXA | Not Vulnerable | |
|------------+---------------------------------------+--------------|
| 12.2IXB | Not Vulnerable | |
Encryption Appliance is located on the "About" page of the Cisco
IronPort Encryption Appliance administration interface.
Note: Customers should contact IronPort support to determine which
software fixes are applicable for their environment. Please consult
the Obtaining Fixed Software section of this advisory for more
information.
Products Confirmed Not Vulnerable
+--------------------------------
===========================
CiscoWorks IPM versions 2.6 and earlier for Windows contain a
vulnerable third-party component that is no longer supported. Cisco
is unable to provide updated software for affected CiscoWorks
versions. Consult the "Obtaining Fixed Software" section of this
advisory for instructions on how to address vulnerable systems.
Workarounds
===========
Appliance is located on the About page of the IronPort Encryption
Appliance administration interface.
Note: Customers should contact IronPort support to determine which
software fixes are applicable for their environment. Please consult
the Obtaining Fixed Software section of this advisory for more
information.
Products Confirmed Not Vulnerable
+--------------------------------
|------------+----------------------------------------+-------------|
| 12.4XT | Not Vulnerable | |
|------------+----------------------------------------+-------------|
| | Vulnerable; Contact your support | |
| 12.4XV | organization per the instructions in | |
| | Obtaining Fixed Software section of | |
| | this advisory | |
|------------+----------------------------------------+-------------|
| | | 12.4(15)T10 |
| 12.4XW | Vulnerable; first fixed in 12.4T | |
| | | 12.4(20)T4 |
Using the peer IP address in the log message that was generated when
the Cisco IOS XR software device received the invalid update, capture
the notification message hex dump from the CLI command show bgp
neighbor and contact the Cisco TAC, who can assist with a decode.
Details on how to contact Cisco TAC are contained within the section
"Obtaining Fixed Software" of this advisory.
The following example shows a log message generated when receiving
the invalid update, and the details to be captured and sent to the
Cisco TAC for decoding:
|------------+---------------------------------------+--------------|
| 12.4 | Not Vulnerable | |
|------------+---------------------------------------+--------------|
| | Vulnerable; Contact your support | |
| 12.4GC | organization per the instructions in | |
| | Obtaining Fixed Software section of | |
| | this advisory | |
|------------+---------------------------------------+--------------|
| 12.4JA | Not Vulnerable | |
|------------+---------------------------------------+--------------|
| 12.4JDA | Not Vulnerable | |
The WebEx meeting service currently maintains three different
versions of software. WebEx meeting service servers run one of the
following versions: WBS 23, WBS 25, or WBS 26. Clients will receive
an upgrade automatically in accordance with the process that is
outlined in the Obtaining Fixed Software section of this advisory
within the time frame that is outlined in the WebEx Upgrade Timeline
subsection of this advisory.
Cisco WebEx will not offer the modified atucfobj.dll as a separate
download.
If the SCP server cannot be disabled due to operational concerns,
then no workarounds exist. The risk posed by this vulnerability can
be mitigated by following the best practices detailed in "Cisco Guide
to Harden Cisco IOS Devices" at
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080120f48.shtml
Please refer to the Obtaining Fixed Software section of this advisory
for appropriate solutions to resolve this vulnerability.
Due to the nature of this vulnerability, networking best practices
like access control lists (ACLs) and Control Plane Policing (CoPP)
that restrict access to a device to certain IP addresses or
If the Secure Copy server cannot be disabled due to operational
concerns, then no workarounds exist. The risk posed by this
vulnerability can be mitigated by following the best practices detailed
in "Improving Security on Cisco Routers" at
http://www.cisco.com/warp/public/707/21.html. Please refer to the
Obtaining Fixed Software section for appropriate solutions to resolve
this vulnerability.
Due to the nature of this vulnerability, networking best practices like
access control lists (ACLs) and Control Plane Policing (CoPP) that
restrict access to a device to certain IP addresses or subnetworks may
* Cisco IronPort Security Management Appliance (M-Series) versions
prior to 7.8.0
Note: Fixed software versions are not yet available. Please consult
the Obtaining Fixed Software section of this advisory for more
information.
Products Confirmed Not Vulnerable
+--------------------------------
Note: Windows Vista includes icacls, an updated partial replacement for
cacls. More information about icacls can be found at
http://www.microsoft.com/technet/technetmag/issues/2007/07/SecurityWatch/default.aspx
Obtaining Fixed Software
========================
Cisco will make free software available to address these vulnerabilities
for affected customers. This advisory will be updated as fixed software
becomes available. Prior to deploying software, customers should consult
Additional mitigations that can be deployed on Cisco devices in the
network are available in the Cisco Applied Intelligence companion
document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20110223-telepresence.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
There are no workarounds available to mitigate any of these
vulnerabilities. Note: All of these vulnerabilities require the
attacker to be authenticated.
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
the network are available in the Cisco Applied Intelligence companion
document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20110223-telepresence.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature
Additional mitigation techniques that can be deployed on Cisco
devices within the network are available in the Cisco Applied
Mitigation Bulletin companion document for this advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20100526-mediator.shtml
Obtaining Fixed Software
========================
Cisco has released free software updates that address these
vulnerabilities. Prior to deploying software, customers should
consult their maintenance provider or check the software for feature