![]() ![]() Determining the Cisco IOS XE Software Release The following example shows the output of the command for a device that is running Cisco IOS Software Release 15.5(2)T1 and has an installed image name of C2951-UNIVERSALK9-M: Router> show versionĬisco IOS Software, C2951 Software (C2951-UNIVERSALK9-M), Version 15.5(2)T1, RELEASE SOFTWARE (fc1)Ĭopyright (c) 1986-2015 by Cisco Systems, Inc.Ĭompiled Mon 22-Jun-15 09:32 by prod_rel_teamįor information about the naming and numbering conventions for Cisco IOS Software releases, see the Cisco IOS and NX-OS Software Reference Guide. Some Cisco devices do not support the show version command or may provide different output. The banner also displays the installed image name in parentheses, followed by the Cisco IOS Software release number and release name. If the device is running Cisco IOS Software, the system banner displays text similar to Cisco Internetwork Operating System Software or Cisco IOS Software. To determine which Cisco IOS Software release is running on a device, administrators can log in to the device, use the show version command in the CLI, and then refer to the system banner that appears. The following examples show the output of the show vstack config command on Cisco Catalyst Switches that are configured as Smart Install clients: switch1# show vstack configĭetermining the Cisco IOS Software Release ![]() An output of Role: Client and Oper Mode: Enabled or Role: Client (SmartInstall enabled) from the show vstack config command confirms that the feature is enabled on the device. To determine whether a device is configured with the Smart Install client feature enabled, use the show vstack config privileged EXEC command on the Smart Install client. Determining Whether the Smart Install Client Feature Is Enabled Switches that are running releases earlier than Cisco IOS Software Release 12.2(52)SE are not capable of running Smart Install, but they can be Smart Install clients if they support the archive download-sw privileged EXEC command. Cisco devices that are configured as a Smart Install director are not affected by this vulnerability.įor a list of devices that support Smart Install, see Smart Install Configuration Guide - Supported Devices.įor information about which Cisco IOS and IOS XE Software releases are vulnerable, see the Fixed Software section of this advisory. Only Smart Install client switches are affected by the vulnerability that is described in this advisory. ![]() This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or IOS XE Software and have the Smart Install client feature enabled. For a complete list of the advisories and links to them, see Cisco Event Response: March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. This advisory is part of the March 28, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 20 Cisco Security Advisories that describe 22 vulnerabilities. This advisory is available at the following link: Smart Install client functionality is enabled by default on switches that are running Cisco IOS Software releases that have not been updated to address Cisco bug ID CSCvd36820. There are no workarounds that address this vulnerability. An attacker could exploit this vulnerability by sending a crafted packet to an affected device on TCP port 4786.Ĭisco has released software updates that address this vulnerability. ![]() The vulnerability is due to improper validation of packet data. A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |