PSIRT — Apache Struts Commons File Upload CSCvn17524

On November 5, 2018 Cisco published the following PSIRT with a summary of vulnerabilities in several of its products. I’m mostly concerned about the effect on Cisco ISE. Here is a link to the bug CSCvn17524. For some background, this is a vulnerability that Apache published in 2016 so I’m unsure why Cisco is just picking it up now.

In late November 2018 and into early December Cisco has published the fixes to the Software Download Center.  It could be confusing though since there are several Struts2 patches.  The correct Struts patch for this vulnerability is in the box below. 

 

At this time there are only fixes for ISE2.1 Patch 7 and ISE 2.3 Patch 5. To successfully apply the patch you must have the latest Patch bundle installed.

Installing the hot patch occurs at the ISE command line and not in the GUI and occurs pretty quickly due to the small size of the patch.

A little further on all the ISE services will Stop and Restart and if your lucky the Hot Patch will be installed

You can use this command to verify that the patch is installed.

 

Leave a Reply

Your email address will not be published. Required fields are marked *