Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
748
Views
0
Helpful
3
Replies

Prime Infra and NCS Vulnerability

Go to solution
Bruno Rangel
Spotlight
Spotlight

‎08-23-2016 09:08 AM


Hi Team

We have a Cisco Prime Network Control System running version: Version : 1.1.1.24.
A security audit/scan found out they has a Secure Sockets Layer (SSL) v3/Transport Layer Security (TLS) v1 Protocol Weak and a Vulnerability.
Need to know if is possible disable on NCS and PI the SSL3, TLS1 and SHA1?

Cheers
Bruno Rangel
Please remember to rate helpful responses using the star bellow and identify helpful or correct answers
Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Ajay Mishra
Cisco Employee
Cisco Employee

‎08-23-2016 12:06 PM

with PI 2.1 , we have Security Advisories, Responses and Notices @    http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-infrastructure-2-1/model.html

View solution in original post

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-23-2016 01:29 PM

You cannot disable those features, they are inherent to operating a secure web server.

You should upgrade to a version that patches the vulnerability.

For Prime Infrastructure that was fixed as of Release 2.2.1. That and all later versions will not have the vulnerability.

Your Prime NCS 1.1.1.24 is very old and I don't believe a patch is available for that end of sales product. Most of these SSL vulnerabilities were identified in Fall 2015 and the last NCS 1.1 patch was released in early 2015.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Ajay Mishra
Cisco Employee
Cisco Employee

‎08-23-2016 12:06 PM

with PI 2.1 , we have Security Advisories, Responses and Notices @    http://www.cisco.com/c/en/us/support/cloud-systems-management/prime-infrastructure-2-1/model.html

0 Helpful

Go to solution
Bruno Rangel
Spotlight
Spotlight
In response to Ajay Mishra

‎08-23-2016 01:36 PM

Hey Guys

Thanks for your Reply...

Cheers
Bruno Rangel
Please remember to rate helpful responses using the star bellow and identify helpful or correct answers
0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-23-2016 01:29 PM

You cannot disable those features, they are inherent to operating a secure web server.

You should upgrade to a version that patches the vulnerability.

For Prime Infrastructure that was fixed as of Release 2.2.1. That and all later versions will not have the vulnerability.

Your Prime NCS 1.1.1.24 is very old and I don't believe a patch is available for that end of sales product. Most of these SSL vulnerabilities were identified in Fall 2015 and the last NCS 1.1 patch was released in early 2015.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents