To determine whether AAA authentication is configured on the device, use the show running-config | include aaa authentication login command, as shown in the following example: Router# show running-config | include aaa authentication loginĪaa authentication login default local group example To determine whether a device has a vulnerable configuration, do the following: For additional information, see the Install and Upgrade Cisco IOS XE Release 17.2.1r and Later chapter of the Cisco SD-WAN Getting Started Guide. The SD-WAN feature set was first integrated into the universal Cisco IOS XE Software releases starting with IOS XE Software Release 17.2.1r. Note: The standalone Cisco IOS XE SD-WAN release images are separate from the universal Cisco IOS XE Software releases. For either to be affected, all of the following must be configured:įor information about which Cisco software releases are vulnerable, see the Fixed Software section of this advisory. This vulnerability affects Cisco IOS XE Software if it is running in autonomous or controller mode and Cisco IOS XE SD-WAN Software. For a complete list of the advisories and links to them, see Cisco Event Response: September 2021 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. This advisory is part of the September 2021 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. This advisory is available at the following link: There are workarounds that address this vulnerability. A successful exploit could allow the attacker to use NETCONF or RESTCONF to install, manipulate, or delete the configuration of a network device or to corrupt memory on the device, resulting a DoS.Ĭisco has released software updates that address this vulnerability. An attacker could exploit this vulnerability by sending a series of NETCONF or RESTCONF requests to an affected device.
This vulnerability is due to an uninitialized variable. Cause memory corruption that results in a denial of service (DoS) on an affected device.Install, manipulate, or delete the configuration of an affected device.A vulnerability in the authentication, authorization, and accounting (AAA) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass NETCONF or RESTCONF authentication and do either of the following:
0 kommentar(er)
