04-10-2014 08:42 AM - edited 03-07-2019 07:03 PM
Can someone suggest, how to mitigate the openssl heart bleed with IOS XE, Please share the process
am currently using below model
Cisco Catalyst 4500X-16 SFP+ Switch
IOS version: cat4500e-universalk9.SPA.03.04.02.SG.151-2.SG2.bin
04-10-2014 11:20 AM
I believe you'd only have the HeartBleed vulnerability if ip http secure-server was enabled on your device. If that is not enabled, I believe you're ok.
I haven't been able to find out too much information from Cisco except what's in this link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
I too am trying to find out what needs to be done to patch my enterprise's IOS-XE (and any additional products Cisco identifies as being vulnerable) devices to a secure version.
While waiting to hear from Cisco, my team is going through all of our devices to ensure https is disabled.
04-11-2018 01:44 AM
The Cisco Product Security Incident Response Team (PSIRT) is currently investigating which Cisco products are affected by this vulnerability. Cisco Advisory OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products was just published and already includes information on vulnerable products and others confirmed not vulnerable. The advisory will be updated as additional information about other products becomes available. Cisco will release free software updates that address these vulnerabilities. Any updates specifically related to Cisco will be communicated according to the Cisco Security Vulnerability Policy.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide