Cisco has released security updates to address serious SNMP vulnerabilities that could lead executing code remotely by exploiting any version of SNMP subsystem. These SNMP vulnerabilities patches are available for the users who have procured a valid license of the software.

These Simple Network Management Protocol vulnerabilities are considered to be unavoidable as these could allow attackers to get the control of the affected system.

The Cisco software updates addressed vulnerabilities that affected all versions of SNMP subsystem (1, 2c and 3). The cause of these Cisco vulnerabilities was the buffer overflow condition of the SNMP subsystem. Before releasing these patches, administrators were advised to disable following MIBs to mitigate SNMP vulnerabilities:

  • ADSL-LINE-MIB
  • ALPS-MIB
  • CISCO-ADSL-DMT-LINE-MIB
  • CISCO-BSTUN-MIB
  • CISCO-MAC-AUTH-BYPASS-MIB
  • CISCO-SLB-EXT-MIB
  • CISCO-VOICE-DNIS-MIB
  • CISCO-VOICE-NUMBER-EXPANSION-MIB
  • TN3270E-RT-MIB

The customers who have not purchased the license of dedicated Cisco software, are not supposed to get mainstream support and set of features by installing free Cisco software updates.

Cisco recommends customers to consult advisories regularly for software upgrades in order to stay protected. If they need more assistance regarding software updates or detailed information, they can contact to Cisco Technical Assistance Center.

Besides this, if the customers are unable to obtain fixed software through their point of sale and are without service contracts, can contact Cisco TAC to get rid of upgrading issues.

Cisco has provided Cisco IOS Software Checker, the tool for the users to identify any exposure to vulnerabilities in Cisco IOS and IOS XE Software. The Cisco IOS Software Checker is available on Cisco Security Intelligence Operations portal and helps to determine security advisories that impacted software release. Just access this tool and enter the Cisco IOS or IOS XE release to verify it.

Cisco ios software checker

Cisco has admitted that they are well aware of these serious vulnerabilities’ external knowledge. They are notifying their customers about the possibilities and effects of exploitation.

The customers, running affected releases of Cisco IOS or IOS XE software, should apply SNMP vulnerabilities patches without any delay.

For further updates, stay tuned to Digital Riser.

More Tools

 

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here