BackBox Integration With Cisco Software Checker

cisco-crop

As a Cisco Security Technology Alliance (CSTA) partner, BackBox Software Ltd. is pleased to announce the release of our latest IntelliCheck, created to support Cisco’s “Cisco Software Checker”.

This pro-active IntelliCheck is relevant to any organization running Cisco IOS, IOS XE, and NX-OS on a variety of Cisco devices. BackBox provides the ability to automatically extract required device version information and dynamically interact with Cisco’s web-based “Cisco Software Checker” in an effort to assess and identify any related Cisco Security Advisories

Furthermore, this BackBox IntelliCheck requires very little user interaction and ensures regular, scheduled assessments of an organization’s Cisco environment by automating the following:

  • inventory-management-trans

    1. Connecting to Cisco devices and extracting current version information

  • Centralized-Device-Management-new

    2. Dynamically interacting with Cisco’s web-based “Cisco Software Checker”

  • backup-recovery trans

    3. Automatically notifying the designated user of the following information:

    a. Identify the current, running version of OS.
    b. Identify the first available version of OS with no known vulnerabilities according to Cisco Security Advisories.

  • network-visualization trans

    4. Provide the designated user with a comprehensive email, inclusive of current OS and identified vulnerabilities along with the recommended version of OS to upgrade to.

As with all BackBox automation tasks and scripts, IntelliChecks (which provide proactive Security, Operational, and Performance Checks) have the ability to be customized to support specific organizational requirements such as leveraging a proxy server, if required in this case to connect externally for security reasons.

  • Enforce-Security-and-Compliance-Policies

    IntelliChecks Report

  • Signature

    Cisco -> IOS/IOS-XE/NXOS Version Checker

  • Status

    Success: 1, Suspect: 3, Failure: 0

bb-table-2-img

Upgrading Cisco IOS/IOS-XE/NXOS to Latest Versions with BackBox Task Automation

In order to address the identified vulnerabilities and upgrade to Cisco recommended version of OS, BackBox provides the ability to intelligently and efficiently upgrade multiple Cisco devices simultaneously with Task Automation. This allows organizations to ensure a consistent and current standard of OS across all Cisco devices. By leveraging BackBox Intelligent Automation to accomplish this, organizations can now increase their operational efficiency and reliability while significantly reducing overall risk.

  • access-to-state

    Detailed Results

Publication date  Impact  Title First fixed or not affected
3/24/2021 16:00 High Cisco IOS XE Software Fast Reload Vulnerabilities 16.12.4a
3/24/2021 16:00 High Cisco IOS and IOS XE Software Common Industrial Protocol Privilege Escalation Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE SD-WAN Software vDaemon Denial of Service Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE Software Arbitrary Code Execution Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE Software DECnet Phase IV/OSI Denial of Service Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE Software DNS NAT Protocol Application Layer Gateway Denial of Service Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE Software for the Catalyst 9000 Family Arbitrary Code Execution Vulnerability 16.12.4a
3/24/2021 16:00 High Cisco IOS XE Software Hardware Initialization Routines Arbitrary Code Execution Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE Software Plug-and-Play Privilege Escalation Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE Software Web UI Cross-Site WebSocket Hijacking Vulnerability 16.12.5
3/24/2021 16:00 High Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerability 16.12.4a

See for yourself how consistent and reliable your device backups and upgrades can be