Guest

Preview Tool

Cisco Bug: CSCvd36820 - Smart Install client feature should auto-disable when not in use

Last Modified

Sep 14, 2019

Products (150)

  • Cisco IOS
  • Cisco IE 2000-4T-G Industrial Ethernet Switch
  • Cisco Catalyst 2960C-8TC-S Switch
  • Cisco Catalyst 2960S-24PD-L Switch
  • Cisco Catalyst 3560X-48P-S Switch
  • Cisco Catalyst 3560X-48T-E Switch
  • Cisco Embedded Service 2020 CON B Switch
  • Cisco IE 2000-16TC-G Industrial Ethernet Switch
  • Cisco Catalyst 2960X-24PD-L Switch
  • Cisco Catalyst 3560CG-8TC-S Compact Switch
View all products in Bug Search Tool Login Required

Known Affected Releases

12.2(58)SE 15.2(2)E4 15.2(2a)JA

Description (partial)

Symptom:
This is a modification on the product to adopt new secure code best practices to enhance the security posture and resiliency of the product;
specifically, to disable the Smart Install client feature automatically, if a Smart Install director cannot be detected after initial boot of a
device supporting the Smart Install client feature.

Conditions:
Device configured with default configuration and running a version of Cisco IOS or IOS XE prior to the following first fixed releases:

IOS
12.2(60)EZ12
15.1(2)SY12 (upcoming release), 15.2(1)SY6, 15.4(1)SY4, 15.5(1)SY1 (upcoming release)
15.2(2)E7, 15.2(4)E5, 15.2(5)E2c, 15.2(6)E
15.2(4)EA6

IOS XE
3.6.7E
3.8.5E
3.10.0E

Denali-16.3.5
Everest-16.6.1

Auto-disable takes approximately 5 mins from router first boot. For all platforms 'vstack' enabled is a default behaviour and auto-disable works when SMI Director is not configured in network. To make 'no vstack' configuration stick during a reload ensure to do 'wr mem'.

Related Community Discussions

Cisco IOS version 15.1(4)M12a
Hi , Could any one help me to identify this ios version 15.1(4)M12a  is affected by    Vulnerable to CVE ID-2018-0171 Vulnerable to CVE ID-2018-0150 Vulnerable to CVE ID-2018-0151 I tried with the Cisco vulnerability checker .However it didn't populate any result.
Latest activity: May 08, 2018
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.